/**
 *
 */
import Util;
import OpenApi;
import OpenApiUtil;
import EndpointUtil;

extends OpenApi;


init(config: OpenApi.Config){
  super(config);
  @endpointRule = '';
  
  checkConfig(config);
  @endpoint = getEndpoint('yundun-bastionhost', @regionId, @endpointRule, @network, @suffix, @endpointMap, @endpoint);
}

function getEndpoint(productId: string, regionId: string, endpointRule: string, network: string, suffix: string, endpointMap: map[string]string, endpoint: string) throws: string{
  if (!Util.empty(endpoint)) {
    return endpoint;
  }
  
  if (!Util.isUnset(endpointMap) && !Util.empty(endpointMap[regionId])) {
    return endpointMap[regionId];
  }
  return EndpointUtil.getEndpointRules(productId, regionId, endpointRule, network, suffix);
}

model AcceptApproveCommandRequest {
  commandId?: string(name='CommandId', description='The ID of the command that you want to approve.

>  You can call the [ListApproveCommands](https://help.aliyun.com/document_detail/2584310.html) operation to query the IDs of all commands that need to be reviewed.

This parameter is required.', example='7'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the DescribeInstances operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model AcceptApproveCommandResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model AcceptApproveCommandResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AcceptApproveCommandResponseBody(name='body'),
}

/**
 * @summary If an O\\&M engineer attempts to run a command specified in the Command Approval field on the Create Control Policy page, the administrator is notified to review the command in the Bastionhost console. The command can be run only after it is approved by the administrator.
 *
 * @description You can call this operation as a Bastionhost administrator to approve the request to run a command of an O\\&M engineer.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AcceptApproveCommandRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AcceptApproveCommandResponse
 */
async function acceptApproveCommandWithOptions(request: AcceptApproveCommandRequest, runtime: Util.RuntimeOptions): AcceptApproveCommandResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.commandId)) {
    query['CommandId'] = request.commandId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AcceptApproveCommand',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary If an O\\&M engineer attempts to run a command specified in the Command Approval field on the Create Control Policy page, the administrator is notified to review the command in the Bastionhost console. The command can be run only after it is approved by the administrator.
 *
 * @description You can call this operation as a Bastionhost administrator to approve the request to run a command of an O\\&M engineer.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AcceptApproveCommandRequest
 * @return AcceptApproveCommandResponse
 */
async function acceptApproveCommand(request: AcceptApproveCommandRequest): AcceptApproveCommandResponse {
  var runtime = new Util.RuntimeOptions{};
  return acceptApproveCommandWithOptions(request, runtime);
}

model AcceptOperationTicketRequest {
  comment?: string(name='Comment', description='The review description.', example='O\\\\&M allowed'),
  effectCount?: string(name='EffectCount', description='The maximum number of logons allowed. Valid values:

*   **0**: The number of logons is unlimited. The O\\\\&M engineer can log on to the specified asset for unlimited times during the validity period.
*   **1**: The O\\\\&M engineer can log on to the specified asset only once during the validity period.

> *   You can set this parameter only to 0 if you review an O\\\\&M application on a database.
> *   If you do not specify this parameter, the default value 0 is used.', example='1'),
  effectEndTime?: string(name='EffectEndTime', description='The end time of the validity period. The value is a UNIX timestamp. Unit: seconds.', example='1679393152'),
  effectStartTime?: string(name='EffectStartTime', description='The start time of the validity period. The value is a UNIX timestamp. Unit: seconds.', example='1685600242'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  operationTicketId?: string(name='OperationTicketId', description='The ID of the O\\\\&M application that you want to approve. You can call the ListOperationTickets operation to query the IDs of all O\\\\&M applications that require review.

This parameter is required.', example='1'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model AcceptOperationTicketResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model AcceptOperationTicketResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AcceptOperationTicketResponseBody(name='body'),
}

/**
 * @summary Approves an O\\\\\\\\\\\\&M application.
 *
 * @description You can call this operation as a Bastionhost administrator to approve an O\\&M application of an O\\&M engineer.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AcceptOperationTicketRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AcceptOperationTicketResponse
 */
async function acceptOperationTicketWithOptions(request: AcceptOperationTicketRequest, runtime: Util.RuntimeOptions): AcceptOperationTicketResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.effectCount)) {
    query['EffectCount'] = request.effectCount;
  }
  if (!Util.isUnset(request.effectEndTime)) {
    query['EffectEndTime'] = request.effectEndTime;
  }
  if (!Util.isUnset(request.effectStartTime)) {
    query['EffectStartTime'] = request.effectStartTime;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.operationTicketId)) {
    query['OperationTicketId'] = request.operationTicketId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AcceptOperationTicket',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Approves an O\\\\\\\\\\\\&M application.
 *
 * @description You can call this operation as a Bastionhost administrator to approve an O\\&M application of an O\\&M engineer.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AcceptOperationTicketRequest
 * @return AcceptOperationTicketResponse
 */
async function acceptOperationTicket(request: AcceptOperationTicketRequest): AcceptOperationTicketResponse {
  var runtime = new Util.RuntimeOptions{};
  return acceptOperationTicketWithOptions(request, runtime);
}

model AddDatabasesToGroupRequest {
  databaseIds?: [ string ](name='DatabaseIds', description='An array that consists of the database IDs.

This parameter is required.'),
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group to which you want to add the databases.

>  You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the asset group.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model AddDatabasesToGroupResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code returned. If **OK** is returned, the operation was successful. If another error code is returned, the operation failed.', example='OK'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='9'),
      hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='1'),
      message?: string(name='Message', description='The error message returned.'),
    }
  ](name='Results', description='The data returned.'),
}

model AddDatabasesToGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AddDatabasesToGroupResponseBody(name='body'),
}

/**
 * @summary Adds multiple databases to a specified asset group.
 *
 * @param request AddDatabasesToGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AddDatabasesToGroupResponse
 */
async function addDatabasesToGroupWithOptions(request: AddDatabasesToGroupRequest, runtime: Util.RuntimeOptions): AddDatabasesToGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseIds)) {
    query['DatabaseIds'] = request.databaseIds;
  }
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AddDatabasesToGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Adds multiple databases to a specified asset group.
 *
 * @param request AddDatabasesToGroupRequest
 * @return AddDatabasesToGroupResponse
 */
async function addDatabasesToGroup(request: AddDatabasesToGroupRequest): AddDatabasesToGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return addDatabasesToGroupWithOptions(request, runtime);
}

model AddHostsToGroupRequest {
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group to which you want to add hosts.

>You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the asset group ID.

This parameter is required.', example='1'),
  hostIds?: string(name='HostIds', description='The IDs of the hosts that you want to add to the asset group. Specify a JSON string. You can specify up to 100 host IDs.

> You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the host IDs.

This parameter is required.', example='["1","2","3"]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose asset group you want to add hosts to.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose asset group you want to add hosts to.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model AddHostsToGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='81500666-d7f5-4143-8329-0223cc738105'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.

*   **UNEXPECTED**: An unknown error occurred.

*   **INVALID_ARGUMENT**: A request parameter is invalid.
    >Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
    > Make sure that the specified bastion host ID and host IDs are valid. Then, call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='1'),
      hostId?: string(name='HostId', description='The host ID.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.', example='N/A'),
    }
  ](name='Results', description='The result of the call.'),
}

model AddHostsToGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AddHostsToGroupResponseBody(name='body'),
}

/**
 * @summary Adds one or more hosts to the specified host group.
 *
 * @description You can call this operation to add one or more hosts to a host group. You can add multiple hosts to a host group to manage and grant permissions on the hosts in a centralized manner.
 * # Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds a limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limits when you call this operation.
 *
 * @param request AddHostsToGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AddHostsToGroupResponse
 */
async function addHostsToGroupWithOptions(request: AddHostsToGroupRequest, runtime: Util.RuntimeOptions): AddHostsToGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.hostIds)) {
    query['HostIds'] = request.hostIds;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AddHostsToGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Adds one or more hosts to the specified host group.
 *
 * @description You can call this operation to add one or more hosts to a host group. You can add multiple hosts to a host group to manage and grant permissions on the hosts in a centralized manner.
 * # Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds a limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limits when you call this operation.
 *
 * @param request AddHostsToGroupRequest
 * @return AddHostsToGroupResponse
 */
async function addHostsToGroup(request: AddHostsToGroupRequest): AddHostsToGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return addHostsToGroupWithOptions(request, runtime);
}

model AddUsersToGroupRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to add users to the user group.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to add users to the user group.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group to which you want to add users.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='１'),
  userIds?: string(name='UserIds', description='The ID of the user that you want to add to the user group. The value is a JSON string. You can add up to 100 user IDs. If you specify multiple IDs, separate the IDs with commas (,).

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='["1","2","3"]'),
}

model AddUsersToGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.

*   **UNEXPECTED**: An unknown error occurred.

*   **INVALID_ARGUMENT**: A request parameter is invalid.

> Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.

> Check whether the specified ID of the bastion host exists, whether the specified hosts exist, and whether the specified host IDs are valid. Then, call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      message?: string(name='Message', description='This parameter is deprecated.'),
      userGroupId?: string(name='UserGroupId', description='The ID of the group.', example='1'),
      userId?: string(name='UserId', description='The ID of the user.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model AddUsersToGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AddUsersToGroupResponseBody(name='body'),
}

/**
 * @summary Add one or more users to a user group.
 *
 * @description #
 * You can call this operation to add one or more users to a user group. After you call the [CreateUserGroup](https://help.aliyun.com/document_detail/204596.html) operation to create a user group, you can call the AddUsersToGroup operation to add multiple users to the user group. Then, you can manage and grant permissions to the users at a time.
 * # Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddUsersToGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AddUsersToGroupResponse
 */
async function addUsersToGroupWithOptions(request: AddUsersToGroupRequest, runtime: Util.RuntimeOptions): AddUsersToGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  if (!Util.isUnset(request.userIds)) {
    query['UserIds'] = request.userIds;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AddUsersToGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Add one or more users to a user group.
 *
 * @description #
 * You can call this operation to add one or more users to a user group. After you call the [CreateUserGroup](https://help.aliyun.com/document_detail/204596.html) operation to create a user group, you can call the AddUsersToGroup operation to add multiple users to the user group. Then, you can manage and grant permissions to the users at a time.
 * # Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddUsersToGroupRequest
 * @return AddUsersToGroupResponse
 */
async function addUsersToGroup(request: AddUsersToGroupRequest): AddUsersToGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return addUsersToGroupWithOptions(request, runtime);
}

model AttachDatabaseAccountsToUserRequest {
  databases?: [ 
    {
      databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='An array that consists of database account IDs.'),
      databaseId?: string(name='DatabaseId', description='The ID of the database that you want to authorize the user to manage.', example='22'),
    }
  ](name='Databases', description='An array that consists of database objects.

>  You can specify up to 10 databases and 10 database accounts. The database accounts are not required. If you do not specify a database account, the user is authorized to manage only the databases.'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose user you want to grant permissions.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-wwo36qbv601'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user to be authorized.

>  You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the user ID.

This parameter is required.', example='1'),
}

model AttachDatabaseAccountsToUserResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='23120B8E-8737-50BD-A3A3-902A7821F04D'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code that is returned. If **OK** is returned, the authorization was successful. If another error code is returned, the authorization failed.', example='OK'),
      databaseAccounts?: [ 
        {
          code?: string(name='Code', description='The error code that is returned. If OK is returned, the authorization was successful. If another error code is returned, the authorization failed.', example='OK'),
          databaseAccountId?: string(name='DatabaseAccountId', description='The database account ID.', example='6'),
          message?: string(name='Message', description='The error message that is returned.', example='success'),
        }
      ](name='DatabaseAccounts', description='A list that shows the authorization results of the database accounts.'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='22'),
      message?: string(name='Message', description='The error message that is returned.'),
      userId?: string(name='UserId', description='The user ID.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model AttachDatabaseAccountsToUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachDatabaseAccountsToUserResponseBody(name='body'),
}

/**
 * @summary Authorizes a user to manage databases and database accounts.
 *
 * @param request AttachDatabaseAccountsToUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachDatabaseAccountsToUserResponse
 */
async function attachDatabaseAccountsToUserWithOptions(request: AttachDatabaseAccountsToUserRequest, runtime: Util.RuntimeOptions): AttachDatabaseAccountsToUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databases)) {
    query['Databases'] = request.databases;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachDatabaseAccountsToUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Authorizes a user to manage databases and database accounts.
 *
 * @param request AttachDatabaseAccountsToUserRequest
 * @return AttachDatabaseAccountsToUserResponse
 */
async function attachDatabaseAccountsToUser(request: AttachDatabaseAccountsToUserRequest): AttachDatabaseAccountsToUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachDatabaseAccountsToUserWithOptions(request, runtime);
}

model AttachDatabaseAccountsToUserGroupRequest {
  databases?: [ 
    {
      databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='An array that consists of database account IDs.'),
      databaseId?: string(name='DatabaseId', description='The ID of the database that you want to authorize the user group to manage.', example='58'),
    }
  ](name='Databases', description='An array that consists of the database objects.

>  You can specify up to 10 databases and 10 database accounts. The database accounts are not required. If you do not specify a database account, the user group is authorized to manage only the databases.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-zvp282aly06'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='This parameter is required.', example='2'),
}

model AttachDatabaseAccountsToUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='5D0EB759-CB0A-537D-A2CC-13A9854FA08D'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code returned. If OK is returned, the authorization was successful. If another error code is returned, the authorization failed.', example='OK'),
      databaseAccounts?: [ 
        {
          code?: string(name='Code', description='The error code returned. If OK is returned, the authorization was successful. If another error code is returned, the authorization failed.', example='OK'),
          databaseAccountId?: string(name='DatabaseAccountId', description='The database account ID.', example='8'),
          message?: string(name='Message', description='The error message returned.'),
        }
      ](name='DatabaseAccounts', description='A list that shows the authorization results of the database accounts.'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='2'),
      message?: string(name='Message', description='The error message returned.'),
      userGroupId?: string(name='UserGroupId', description='The user group ID.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model AttachDatabaseAccountsToUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachDatabaseAccountsToUserGroupResponseBody(name='body'),
}

/**
 * @summary Authorizes a user group to manage databases and database accounts.
 *
 * @param request AttachDatabaseAccountsToUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachDatabaseAccountsToUserGroupResponse
 */
async function attachDatabaseAccountsToUserGroupWithOptions(request: AttachDatabaseAccountsToUserGroupRequest, runtime: Util.RuntimeOptions): AttachDatabaseAccountsToUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databases)) {
    query['Databases'] = request.databases;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachDatabaseAccountsToUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Authorizes a user group to manage databases and database accounts.
 *
 * @param request AttachDatabaseAccountsToUserGroupRequest
 * @return AttachDatabaseAccountsToUserGroupResponse
 */
async function attachDatabaseAccountsToUserGroup(request: AttachDatabaseAccountsToUserGroupRequest): AttachDatabaseAccountsToUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachDatabaseAccountsToUserGroupWithOptions(request, runtime);
}

model AttachHostAccountsToHostShareKeyRequest {
  hostAccountIds?: string(name='HostAccountIds', description='The host account IDs.

>  You must specify this parameter. You can call the [ListHostAccounts](https://help.aliyun.com/document_detail/462937.html) operation to query the host account IDs.', example='["1","2","3"]'),
  hostShareKeyId?: string(name='HostShareKeyId', description='The shared key ID.

>  You must specify this parameter. You can call the [ListHostShareKeys](https://help.aliyun.com/document_detail/462973.html) operation to query the shared key ID.', example='10267'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host. You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host. For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model AttachHostAccountsToHostShareKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code returned. If **OK** is returned, the association was successful. If another error code is returned, the association failed.', example='OK'),
      hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='1201'),
      hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key.', example='10267'),
      message?: string(name='Message', description='The error message returned.', example='The host account does not exist'),
    }
  ](name='Results', description='The result of the call.'),
}

model AttachHostAccountsToHostShareKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachHostAccountsToHostShareKeyResponseBody(name='body'),
}

/**
 * @summary Associates host accounts with a shared key.
 *
 * @param request AttachHostAccountsToHostShareKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachHostAccountsToHostShareKeyResponse
 */
async function attachHostAccountsToHostShareKeyWithOptions(request: AttachHostAccountsToHostShareKeyRequest, runtime: Util.RuntimeOptions): AttachHostAccountsToHostShareKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountIds)) {
    query['HostAccountIds'] = request.hostAccountIds;
  }
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachHostAccountsToHostShareKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Associates host accounts with a shared key.
 *
 * @param request AttachHostAccountsToHostShareKeyRequest
 * @return AttachHostAccountsToHostShareKeyResponse
 */
async function attachHostAccountsToHostShareKey(request: AttachHostAccountsToHostShareKeyRequest): AttachHostAccountsToHostShareKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachHostAccountsToHostShareKeyWithOptions(request, runtime);
}

model AttachHostAccountsToUserRequest {
  hosts?: string(name='Hosts', description='The IDs of the hosts and host accounts that you want to authorize the user to manage. You can specify up to 10 host IDs and up to 10 host account IDs for each host. You can specify only host IDs. In this case, the user is authorized to manage only the specified hosts. For more information about this parameter, see the "Description of the Hosts parameter" section of this topic.

> You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host and the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the ID of the host account.

This parameter is required.', example='[ {"HostId":"1"}, {"HostId":"2","HostAccountIds":["1","2","3"]}, {"HostId":"3","HostAccountIds":["4","5","6"]}, {"HostId":"4","HostAccountIds":["9","8","7"]}  ]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to authorize the user to manage the hosts and host accounts.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to authorize the user to manage the hosts and host accounts.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user that you want to authorize to manage the hosts and host accounts.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model AttachHostAccountsToUserResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.

*   **UNEXPECTED**: An unknown error occurred.

*   **INVALID_ARGUMENT**: A request parameter is invalid.

> Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.

> Check whether the specified ID of the bastion host exists, whether the specified hosts exist, and whether the specified host IDs are valid. Then, call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccounts?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether the user was authorized to manage the host accounts. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='1'),
          message?: string(name='Message', description='This parameter is deprecated.'),
        }
      ](name='HostAccounts', description='The result of authorizing the user to manage the host accounts.'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.'),
      userId?: string(name='UserId', description='The ID of the user.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model AttachHostAccountsToUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachHostAccountsToUserResponseBody(name='body'),
}

/**
 * @summary Authorizes a user to manage the hosts and host accounts.
 *
 * @param request AttachHostAccountsToUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachHostAccountsToUserResponse
 */
async function attachHostAccountsToUserWithOptions(request: AttachHostAccountsToUserRequest, runtime: Util.RuntimeOptions): AttachHostAccountsToUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hosts)) {
    query['Hosts'] = request.hosts;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachHostAccountsToUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Authorizes a user to manage the hosts and host accounts.
 *
 * @param request AttachHostAccountsToUserRequest
 * @return AttachHostAccountsToUserResponse
 */
async function attachHostAccountsToUser(request: AttachHostAccountsToUserRequest): AttachHostAccountsToUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachHostAccountsToUserWithOptions(request, runtime);
}

model AttachHostAccountsToUserGroupRequest {
  hosts?: string(name='Hosts', description='The IDs of the host and host account that you want to authorize the user group to manage. You can specify up to 10 host IDs and up to 10 host account IDs for each host. You can specify only host IDs. In this case, the user group is authorized to manage only the specified hosts. For more information about this parameter, see the "Description of the Hosts parameter" section of this topic.

> You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host and the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the ID of the host account.

This parameter is required.', example='[ {"HostId":"1"}, {"HostId":"2","HostAccountIds":["1","2","3",...]}, {"HostId":"3","HostAccountIds":["4","5","6",...]}, {"HostId":"4","HostAccountIds":["9","8","7",...]} ... ]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to authorize the user group to manage the specified hosts and host accounts.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to authorize the user group to manage the specified hosts and host accounts.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group that you want to authorize to manage the specified hosts and host accounts.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model AttachHostAccountsToUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccounts?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether the user group was authorized to manage the specified host account. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='1'),
          message?: string(name='Message', description='This parameter is deprecated.', example='N/A'),
        }
      ](name='HostAccounts', description='The result of authorizing the specified user group to manage the specified host accounts.'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.', example='N/A'),
      userGroupId?: string(name='UserGroupId', description='The ID of the user group.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model AttachHostAccountsToUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachHostAccountsToUserGroupResponseBody(name='body'),
}

/**
 * @summary Authorizes a user group to manage one or more hosts and host accounts.
 *
 * @description After you authorize a user group to manage specific hosts and host accounts, all the users in the user group have access to the authorized hosts and host accounts.
 *
 * @param request AttachHostAccountsToUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachHostAccountsToUserGroupResponse
 */
async function attachHostAccountsToUserGroupWithOptions(request: AttachHostAccountsToUserGroupRequest, runtime: Util.RuntimeOptions): AttachHostAccountsToUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hosts)) {
    query['Hosts'] = request.hosts;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachHostAccountsToUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Authorizes a user group to manage one or more hosts and host accounts.
 *
 * @description After you authorize a user group to manage specific hosts and host accounts, all the users in the user group have access to the authorized hosts and host accounts.
 *
 * @param request AttachHostAccountsToUserGroupRequest
 * @return AttachHostAccountsToUserGroupResponse
 */
async function attachHostAccountsToUserGroup(request: AttachHostAccountsToUserGroupRequest): AttachHostAccountsToUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachHostAccountsToUserGroupWithOptions(request, runtime);
}

model AttachHostGroupAccountsToUserRequest {
  hostGroups?: string(name='HostGroups', description='The ID of the host group and the name of the host account that you want to authorize the user to manage. You can specify up to 10 host group IDs and up to 10 host account names for each host group. You can specify only host group IDs. In this case, the user is authorized to manage only the specified host groups. For more information about this parameter, see the "Description of the HostGroups parameter" section of this topic.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group and the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the name of the host account.

This parameter is required.', example='[ {"HostGroupId":"1"}, {"HostGroupId":"2","HostAccountNames":["root","111","abc"]}, {"HostGroupId":"3","HostAccountNames":["root","111","abc"]}, {"HostGroupId":"4","HostAccountNames":["root","111","abc"]} ]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to authorize the user to manage the host groups and host accounts.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to authorize the user to manage the host groups and host accounts.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user that you want to authorize to manage the host groups and host accounts.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model AttachHostGroupAccountsToUserResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccountNames?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether the user was authorized to manage the host account. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='root'),
          message?: string(name='Message', description='This parameter is deprecated.'),
        }
      ](name='HostAccountNames', description='The result of authorizing the user to manage the host accounts.'),
      hostGroupId?: string(name='HostGroupId', description='The ID of the host group.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.'),
      userId?: string(name='UserId', description='The ID of the user.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model AttachHostGroupAccountsToUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachHostGroupAccountsToUserResponseBody(name='body'),
}

/**
 * @summary Authorizes a user to manage one or more host groups and host accounts.
 *
 * @param request AttachHostGroupAccountsToUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachHostGroupAccountsToUserResponse
 */
async function attachHostGroupAccountsToUserWithOptions(request: AttachHostGroupAccountsToUserRequest, runtime: Util.RuntimeOptions): AttachHostGroupAccountsToUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroups)) {
    query['HostGroups'] = request.hostGroups;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachHostGroupAccountsToUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Authorizes a user to manage one or more host groups and host accounts.
 *
 * @param request AttachHostGroupAccountsToUserRequest
 * @return AttachHostGroupAccountsToUserResponse
 */
async function attachHostGroupAccountsToUser(request: AttachHostGroupAccountsToUserRequest): AttachHostGroupAccountsToUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachHostGroupAccountsToUserWithOptions(request, runtime);
}

model AttachHostGroupAccountsToUserGroupRequest {
  hostGroups?: string(name='HostGroups', description='The ID of the host group and the name of the host account that you want to authorize the user group to manage. You can specify up to 10 host group IDs and up to 10 host account names for each host group. You can specify only host group IDs. In this case, the user group is authorized to manage only the specified host groups. For more information about this parameter, see the "Description of the HostGroups parameter" section of this topic.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group and the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the name of the host account.

This parameter is required.', example='[ {"HostGroupId":"1"}, {"HostGroupId":"2","HostAccountNames":["root","111","abc"]}, {"HostGroupId":"3","HostAccountNames":["root","111","abc"]}, {"HostGroupId":"4","HostAccountNames":["root","111","abc"]}]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to authorize the user group to manage the specified host groups and host accounts.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to authorize the user group to manage the specified host groups and host accounts.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group that you want to authorize to manage the specified host groups and host accounts.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model AttachHostGroupAccountsToUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccountNames?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether the user group was authorized to manage the specified host account. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='abc'),
          message?: string(name='Message', description='This parameter is deprecated.'),
        }
      ](name='HostAccountNames', description='The result of authorizing the user group to manage the specified host accounts.'),
      hostGroupId?: string(name='HostGroupId', description='The ID of the host group.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.'),
      userGroupId?: string(name='UserGroupId', description='The ID of the user group.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model AttachHostGroupAccountsToUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachHostGroupAccountsToUserGroupResponseBody(name='body'),
}

/**
 * @summary Authorizes a user to manage one or more host groups and host accounts.
 *
 * @param request AttachHostGroupAccountsToUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachHostGroupAccountsToUserGroupResponse
 */
async function attachHostGroupAccountsToUserGroupWithOptions(request: AttachHostGroupAccountsToUserGroupRequest, runtime: Util.RuntimeOptions): AttachHostGroupAccountsToUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroups)) {
    query['HostGroups'] = request.hostGroups;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachHostGroupAccountsToUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Authorizes a user to manage one or more host groups and host accounts.
 *
 * @param request AttachHostGroupAccountsToUserGroupRequest
 * @return AttachHostGroupAccountsToUserGroupResponse
 */
async function attachHostGroupAccountsToUserGroup(request: AttachHostGroupAccountsToUserGroupRequest): AttachHostGroupAccountsToUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachHostGroupAccountsToUserGroupWithOptions(request, runtime);
}

model ConfigInstanceSecurityGroupsRequest {
  authorizedSecurityGroups?: [ string ](name='AuthorizedSecurityGroups', description='An array that consists of the IDs of authorized security groups.

This parameter is required.', example='sg-bp14u00sh39jvw5****'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Default value: **zh**. Valid values:

*   **zh**: Chinese
*   **en**: English', example='zh'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.', example='cn-hangzhou'),
}

model ConfigInstanceSecurityGroupsResponseBody = {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which security groups were configured.', example='bastionhost-cn-78v1gh****'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='0ECCC399-4D35-48A7-8379-5C6180E66235'),
}

model ConfigInstanceSecurityGroupsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ConfigInstanceSecurityGroupsResponseBody(name='body'),
}

/**
 * @summary Configures security groups for a bastion host.
 *
 * @param request ConfigInstanceSecurityGroupsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ConfigInstanceSecurityGroupsResponse
 */
async function configInstanceSecurityGroupsWithOptions(request: ConfigInstanceSecurityGroupsRequest, runtime: Util.RuntimeOptions): ConfigInstanceSecurityGroupsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.authorizedSecurityGroups)) {
    query['AuthorizedSecurityGroups'] = request.authorizedSecurityGroups;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ConfigInstanceSecurityGroups',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Configures security groups for a bastion host.
 *
 * @param request ConfigInstanceSecurityGroupsRequest
 * @return ConfigInstanceSecurityGroupsResponse
 */
async function configInstanceSecurityGroups(request: ConfigInstanceSecurityGroupsRequest): ConfigInstanceSecurityGroupsResponse {
  var runtime = new Util.RuntimeOptions{};
  return configInstanceSecurityGroupsWithOptions(request, runtime);
}

model ConfigInstanceWhiteListRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to configure a whitelist of public IP addresses.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.', example='cn-hangzhou'),
  whiteList?: [ string ](name='WhiteList', description='The IP address whitelist that you want to configure.', example='10.162.XX.XX'),
  whiteListPolicies?: [ 
    {
      description?: string(name='Description'),
      entry?: string(name='Entry'),
    }
  ](name='WhiteListPolicies'),
}

model ConfigInstanceWhiteListResponseBody = {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which a whitelist of public IP addresses is configured.', example='bastionhost-cn-78v1gh****'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='47820E32-5968-45CF-982F-09CB80DC180B'),
}

model ConfigInstanceWhiteListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ConfigInstanceWhiteListResponseBody(name='body'),
}

/**
 * @summary Configures a whitelist of public IP addresses for a bastion host.
 *
 * @description ## Usage notes
 * You can call this operation to configure a whitelist of public IP addresses for a bastion host. By default, a bastion host is accessible from all public IP addresses. If you want to allow the requests from specific public IP addresses, you can call this operation to add trusted IP addresses to the whitelist of the bastion host.  
 * ## Limits
 * You can call this operation up to 30 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ConfigInstanceWhiteListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ConfigInstanceWhiteListResponse
 */
async function configInstanceWhiteListWithOptions(request: ConfigInstanceWhiteListRequest, runtime: Util.RuntimeOptions): ConfigInstanceWhiteListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.whiteList)) {
    query['WhiteList'] = request.whiteList;
  }
  if (!Util.isUnset(request.whiteListPolicies)) {
    query['WhiteListPolicies'] = request.whiteListPolicies;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ConfigInstanceWhiteList',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Configures a whitelist of public IP addresses for a bastion host.
 *
 * @description ## Usage notes
 * You can call this operation to configure a whitelist of public IP addresses for a bastion host. By default, a bastion host is accessible from all public IP addresses. If you want to allow the requests from specific public IP addresses, you can call this operation to add trusted IP addresses to the whitelist of the bastion host.  
 * ## Limits
 * You can call this operation up to 30 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ConfigInstanceWhiteListRequest
 * @return ConfigInstanceWhiteListResponse
 */
async function configInstanceWhiteList(request: ConfigInstanceWhiteListRequest): ConfigInstanceWhiteListResponse {
  var runtime = new Util.RuntimeOptions{};
  return configInstanceWhiteListWithOptions(request, runtime);
}

model CreateDatabaseRequest {
  activeAddressType?: string(name='ActiveAddressType', description='The address type of the database to add. Valid values:

*   Public
*   Private

This parameter is required.', example='Public'),
  comment?: string(name='Comment', description='The remarks of the database to add. The remarks can be up to 500 characters in length.', example='cpp'),
  databaseName?: string(name='DatabaseName', description='The name of the database to add. This parameter is required if Source is set to **Local**.', example='Oracle'),
  databasePort?: int32(name='DatabasePort', description='The port of the database. This parameter is required if Source is set to **Local**.', example='5433'),
  databasePrivateAddress?: string(name='DatabasePrivateAddress', description='The internal IP address of the database. Specify an IPv4 address or a domain name.

>  This parameter is required if ActiveAddressType is set to Private.', example='pgm-uf6o******'),
  databasePublicAddress?: string(name='DatabasePublicAddress', description='The public IP address of the database. Specify an IPv4 address or a domain name.

>  This parameter is required if ActiveAddressType is set to Public.', example='rm-uf65251k51******'),
  databaseType?: string(name='DatabaseType', description='The type of the database engine. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**

This parameter is required.', example='MySQL'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-7mz2g5hu20e'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to which the database to add belongs.

>  You can call the [ListNetworkDomains](https://help.aliyun.com/document_detail/2758827.html) operation to query the network domain ID.', example='1'),
  polarDBEndpointType?: string(name='PolarDBEndpointType', description='The endpoint type of the PolarDB database. This parameter is required if Source is set to PolarDB. Valid values:

*   Cluster
*   Primary', example='Cluster'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
  source?: string(name='Source', description='The type of the database to add. Valid values:

*   Local: on-premises database.
*   Rds: ApsaraDB RDS instance.
*   PolarDB: PolarDB cluster.

This parameter is required.', example='Local'),
  sourceInstanceId?: string(name='SourceInstanceId', description='The instance ID of the database to add.

> This parameter is required if **Source** is set to **Rds** or **PolarDB**.', example='i-bp19ienyt0yax748****'),
  sourceInstanceRegionId?: string(name='SourceInstanceRegionId', description='The region ID of the database to add.

>  This parameter is required if **Source** is set to **Rds** or **PolarDB**.', example='cn-shanghai'),
}

model CreateDatabaseResponseBody = {
  databaseId?: string(name='DatabaseId', description='The database ID.', example='334'),
  requestId?: string(name='RequestId', description='The request ID.', example='98EDD923-236C-5A88-88E7-4979A91B9325'),
}

model CreateDatabaseResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateDatabaseResponseBody(name='body'),
}

/**
 * @summary Imports an ApsaraDB RDS for MySQL instance, ApsaraDB RDS for SQL Server instance, ApsaraDB RDS for PostgreSQL instance, PolarDB for MySQL cluster, PolarDB for PostgreSQL cluster, PolarDB for PostgreSQL (Compatible with Oracle) cluster, self-managed MySQL database, self-managed SQL Server database, self-managed PostgreSQL database, or self-managed Oracle database to a bastion host.
 *
 * @param request CreateDatabaseRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateDatabaseResponse
 */
async function createDatabaseWithOptions(request: CreateDatabaseRequest, runtime: Util.RuntimeOptions): CreateDatabaseResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.activeAddressType)) {
    query['ActiveAddressType'] = request.activeAddressType;
  }
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.databaseName)) {
    query['DatabaseName'] = request.databaseName;
  }
  if (!Util.isUnset(request.databasePort)) {
    query['DatabasePort'] = request.databasePort;
  }
  if (!Util.isUnset(request.databasePrivateAddress)) {
    query['DatabasePrivateAddress'] = request.databasePrivateAddress;
  }
  if (!Util.isUnset(request.databasePublicAddress)) {
    query['DatabasePublicAddress'] = request.databasePublicAddress;
  }
  if (!Util.isUnset(request.databaseType)) {
    query['DatabaseType'] = request.databaseType;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.polarDBEndpointType)) {
    query['PolarDBEndpointType'] = request.polarDBEndpointType;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceInstanceId)) {
    query['SourceInstanceId'] = request.sourceInstanceId;
  }
  if (!Util.isUnset(request.sourceInstanceRegionId)) {
    query['SourceInstanceRegionId'] = request.sourceInstanceRegionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateDatabase',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Imports an ApsaraDB RDS for MySQL instance, ApsaraDB RDS for SQL Server instance, ApsaraDB RDS for PostgreSQL instance, PolarDB for MySQL cluster, PolarDB for PostgreSQL cluster, PolarDB for PostgreSQL (Compatible with Oracle) cluster, self-managed MySQL database, self-managed SQL Server database, self-managed PostgreSQL database, or self-managed Oracle database to a bastion host.
 *
 * @param request CreateDatabaseRequest
 * @return CreateDatabaseResponse
 */
async function createDatabase(request: CreateDatabaseRequest): CreateDatabaseResponse {
  var runtime = new Util.RuntimeOptions{};
  return createDatabaseWithOptions(request, runtime);
}

model CreateDatabaseAccountRequest {
  databaseAccountName?: string(name='DatabaseAccountName', description='The username of the database account to be created. The username can be up to 128 characters in length.

This parameter is required.', example='root'),
  databaseId?: string(name='DatabaseId', description='The ID of the database for which you want to create a database account.

>  You can call the [ListDatabaseAccounts](https://help.aliyun.com/document_detail/2758839.html) operation to query the database account ID.

This parameter is required.', example='3'),
  databaseSchema?: string(name='DatabaseSchema', description='The name of the database. This parameter is required for PostgreSQL and Oracle databases.', example='orcl'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to create a database account.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-5yd34ol020a'),
  loginAttribute?: string(name='LoginAttribute', description='The logon attribute. This parameter is required for Oracle databases. Valid values:

*   SERVICENAME
*   SID', example='SID'),
  password?: string(name='Password', description='The password of the database account to be created.', example='MCQ******'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to create a database account.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
}

model CreateDatabaseAccountResponseBody = {
  databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account.', example='40'),
  requestId?: string(name='RequestId', description='The request ID.', example='B07C465D-B09F-54DD-8FEC-90788BEABAFC'),
}

model CreateDatabaseAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateDatabaseAccountResponseBody(name='body'),
}

/**
 * @summary After a database is created, you can create a database account for the database. After the account is created, O\\&M engineers can use the account to log on to and perform O\\&M operations on the database.
 *
 * @param request CreateDatabaseAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateDatabaseAccountResponse
 */
async function createDatabaseAccountWithOptions(request: CreateDatabaseAccountRequest, runtime: Util.RuntimeOptions): CreateDatabaseAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountName)) {
    query['DatabaseAccountName'] = request.databaseAccountName;
  }
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.databaseSchema)) {
    query['DatabaseSchema'] = request.databaseSchema;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.loginAttribute)) {
    query['LoginAttribute'] = request.loginAttribute;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateDatabaseAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary After a database is created, you can create a database account for the database. After the account is created, O\\&M engineers can use the account to log on to and perform O\\&M operations on the database.
 *
 * @param request CreateDatabaseAccountRequest
 * @return CreateDatabaseAccountResponse
 */
async function createDatabaseAccount(request: CreateDatabaseAccountRequest): CreateDatabaseAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return createDatabaseAccountWithOptions(request, runtime);
}

model CreateExportConfigJobRequest {
  instanceId?: string(name='InstanceId', description='This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', example='cn-hangzhou'),
}

model CreateExportConfigJobResponseBody = {
  jobId?: string(name='JobId', example='1'),
  requestId?: string(name='RequestId', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model CreateExportConfigJobResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateExportConfigJobResponseBody(name='body'),
}

/**
 * @param request CreateExportConfigJobRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateExportConfigJobResponse
 */
async function createExportConfigJobWithOptions(request: CreateExportConfigJobRequest, runtime: Util.RuntimeOptions): CreateExportConfigJobResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateExportConfigJob',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @param request CreateExportConfigJobRequest
 * @return CreateExportConfigJobResponse
 */
async function createExportConfigJob(request: CreateExportConfigJobRequest): CreateExportConfigJobResponse {
  var runtime = new Util.RuntimeOptions{};
  return createExportConfigJobWithOptions(request, runtime);
}

model CreateHostRequest {
  activeAddressType?: string(name='ActiveAddressType', description='The endpoint type of the host that you want to create. Valid values:

*   **Public**: public endpoint
*   **Private**: internal endpoint

This parameter is required.', example='Public'),
  comment?: string(name='Comment', description='The description of the host that you want to create. The value can be up to 500 characters in length.', example='Local Host'),
  hostName?: string(name='HostName', description='The name of the host that you want to create. The name can be up to 128 characters in length.

This parameter is required.', example='host01'),
  hostPrivateAddress?: string(name='HostPrivateAddress', description='The internal endpoint of the host that you want to create. You can set this parameter to a domain name or an IP address.

> This parameter is required if the **ActiveAddressType** parameter is set to **Private**.', example='192.168.XX.XX'),
  hostPublicAddress?: string(name='HostPublicAddress', description='The public endpoint of the host that you want to create. You can set this parameter to a domain name or an IP address.

> This parameter is required if the **ActiveAddressType** parameter is set to **Public**.', example='172.16.XX.XX'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to create the host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  instanceRegionId?: string(name='InstanceRegionId', description='The ID of the region to which the ECS instance or the host in an ApsaraDB MyBase dedicated cluster belongs.

> This parameter is required if the **Source** parameter is set to **Ecs** or **Rds**.', example='cn-hangzhou'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to which the host to be imported belongs.

> You can call the [ListNetworkDomains](https://help.aliyun.com/document_detail/2758827.html) operation to query the network domain ID.', example='1'),
  OSType?: string(name='OSType', description='The operating system of the host that you want to create. Valid values:

*   **Linux**
*   **Windows**

This parameter is required.', example='Linux'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which you want to import the host.

> For information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  source?: string(name='Source', description='The source of the host that you want to create. Valid values:

*   **Local**: a host in a data center
*   **Ecs**: an Elastic Compute Service (ECS) instance
*   **Rds**: a host in an ApsaraDB MyBase dedicated cluster

This parameter is required.', example='Local'),
  sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ECS instance or the host in an ApsaraDB MyBase dedicated cluster.

> This parameter is required if the **Source** parameter is set to **Ecs** or **Rds**.', example='i-dfabfda'),
}

model CreateHostResponseBody = {
  hostId?: string(name='HostId', description='The ID of the host.', example='1'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model CreateHostResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateHostResponseBody(name='body'),
}

/**
 * @summary Bastionhost allows you to perform O\\&M operations on hosts from different sources, such as Alibaba Cloud Elastic Compute Service (ECS) instances, servers in on-premises data centers, and servers on other cloud platforms. Before you perform O\\&M operations on hosts by using a bastion host, you must import the hosts to the bastion host. You can call this operation to import a host to a bastion host.
 *
 * @param request CreateHostRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateHostResponse
 */
async function createHostWithOptions(request: CreateHostRequest, runtime: Util.RuntimeOptions): CreateHostResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.activeAddressType)) {
    query['ActiveAddressType'] = request.activeAddressType;
  }
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.hostName)) {
    query['HostName'] = request.hostName;
  }
  if (!Util.isUnset(request.hostPrivateAddress)) {
    query['HostPrivateAddress'] = request.hostPrivateAddress;
  }
  if (!Util.isUnset(request.hostPublicAddress)) {
    query['HostPublicAddress'] = request.hostPublicAddress;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.instanceRegionId)) {
    query['InstanceRegionId'] = request.instanceRegionId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.OSType)) {
    query['OSType'] = request.OSType;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceInstanceId)) {
    query['SourceInstanceId'] = request.sourceInstanceId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateHost',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Bastionhost allows you to perform O\\&M operations on hosts from different sources, such as Alibaba Cloud Elastic Compute Service (ECS) instances, servers in on-premises data centers, and servers on other cloud platforms. Before you perform O\\&M operations on hosts by using a bastion host, you must import the hosts to the bastion host. You can call this operation to import a host to a bastion host.
 *
 * @param request CreateHostRequest
 * @return CreateHostResponse
 */
async function createHost(request: CreateHostRequest): CreateHostResponse {
  var runtime = new Util.RuntimeOptions{};
  return createHostWithOptions(request, runtime);
}

model CreateHostAccountRequest {
  hostAccountName?: string(name='HostAccountName', description='The name of the host account. The name can be up to 128 characters in length.

This parameter is required.', example='abc'),
  hostId?: string(name='HostId', description='The ID of the host to which you want to add a host account.

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='1'),
  hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to add a host account to the host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  passPhrase?: string(name='PassPhrase', description='The passphrase for the private key of the host account.

> You can configure this parameter only if ProtocolName is set to SSH. You do not need to configure this parameter if ProtocolName is set to RDP.', example='****'),
  password?: string(name='Password', description='The password of the host account.', example='****'),
  privateKey?: string(name='PrivateKey', description='The private key of the host account. Specify a Base64-encoded string.

> This parameter is valid only if ProtocolName is set to SSH. You do not need to configure this parameter if ProtocolName is set to RDP. You can configure a password and a private key for the host account at the same time. If both a password and a private key are configured for the host account, Bastionhost preferentially uses the private key for logon.', example='****'),
  protocolName?: string(name='ProtocolName', description='The protocol of the host to which you want to add a host account.

Valid values:

*   SSH
*   RDP

This parameter is required.', example='SSH'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to add a host account to the host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model CreateHostAccountResponseBody = {
  hostAccountId?: string(name='HostAccountId', description='The operation that you want to perform. Set the value to **CreateHostAccount**.', example='1'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model CreateHostAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateHostAccountResponseBody(name='body'),
}

/**
 * @summary After you import a host to a bastion host, you must add an account of the host to the bastion host. This way, O\\&M engineers can use the account to log on to and perform O\\&M operations on the host by using the bastion host.
 *
 * @param request CreateHostAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateHostAccountResponse
 */
async function createHostAccountWithOptions(request: CreateHostAccountRequest, runtime: Util.RuntimeOptions): CreateHostAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountName)) {
    query['HostAccountName'] = request.hostAccountName;
  }
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.passPhrase)) {
    query['PassPhrase'] = request.passPhrase;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.privateKey)) {
    query['PrivateKey'] = request.privateKey;
  }
  if (!Util.isUnset(request.protocolName)) {
    query['ProtocolName'] = request.protocolName;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateHostAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary After you import a host to a bastion host, you must add an account of the host to the bastion host. This way, O\\&M engineers can use the account to log on to and perform O\\&M operations on the host by using the bastion host.
 *
 * @param request CreateHostAccountRequest
 * @return CreateHostAccountResponse
 */
async function createHostAccount(request: CreateHostAccountRequest): CreateHostAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return createHostAccountWithOptions(request, runtime);
}

model CreateHostGroupRequest {
  comment?: string(name='Comment', description='The remarks of the asset group. The remarks can be up to 500 characters in length.', example='Local host group.'),
  hostGroupName?: string(name='HostGroupName', description='The name of the asset group. The name can be up to 128 characters in length.

This parameter is required.', example='HostGroup01'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to create an asset group.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to create an asset group.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model CreateHostGroupResponseBody = {
  hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='1'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model CreateHostGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateHostGroupResponseBody(name='body'),
}

/**
 * @summary You can create asset groups based on your business requirements and add assets of the same type to an asset group. This allows you to classify assets and manage multiple assets at a time.
 *
 * @param request CreateHostGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateHostGroupResponse
 */
async function createHostGroupWithOptions(request: CreateHostGroupRequest, runtime: Util.RuntimeOptions): CreateHostGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.hostGroupName)) {
    query['HostGroupName'] = request.hostGroupName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateHostGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary You can create asset groups based on your business requirements and add assets of the same type to an asset group. This allows you to classify assets and manage multiple assets at a time.
 *
 * @param request CreateHostGroupRequest
 * @return CreateHostGroupResponse
 */
async function createHostGroup(request: CreateHostGroupRequest): CreateHostGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return createHostGroupWithOptions(request, runtime);
}

model CreateHostShareKeyRequest {
  hostShareKeyName?: string(name='HostShareKeyName', description='The name of the shared key that you want to create. The name can be a maximum of 128 characters in length.

This parameter is required.', example='name'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  passPhrase?: string(name='PassPhrase', description='The password of the private key. The value is a Base64-encoded string.', example='*****'),
  privateKey?: string(name='PrivateKey', description='The private key. The value is a Base64-encoded string.

>  You can specify a Rivest-Shamir-Adleman (RSA) key that is generated by using the ssh-keygen command or a key that is generated by using the Ed25519 algorithm.

This parameter is required.', example='****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model CreateHostShareKeyResponseBody = {
  hostShareKeyId?: long(name='HostShareKeyId', description='The ID of the shared key.', example='10235'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model CreateHostShareKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateHostShareKeyResponseBody(name='body'),
}

/**
 * @summary Bastionhost provides the shared key feature. This feature allows you to manage the private key that is used to log on to a host in a bastion host. This way, you can associate the private key with multiple accounts of the host to make host account management more efficient.
 *
 * @param request CreateHostShareKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateHostShareKeyResponse
 */
async function createHostShareKeyWithOptions(request: CreateHostShareKeyRequest, runtime: Util.RuntimeOptions): CreateHostShareKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostShareKeyName)) {
    query['HostShareKeyName'] = request.hostShareKeyName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.passPhrase)) {
    query['PassPhrase'] = request.passPhrase;
  }
  if (!Util.isUnset(request.privateKey)) {
    query['PrivateKey'] = request.privateKey;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateHostShareKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Bastionhost provides the shared key feature. This feature allows you to manage the private key that is used to log on to a host in a bastion host. This way, you can associate the private key with multiple accounts of the host to make host account management more efficient.
 *
 * @param request CreateHostShareKeyRequest
 * @return CreateHostShareKeyResponse
 */
async function createHostShareKey(request: CreateHostShareKeyRequest): CreateHostShareKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createHostShareKeyWithOptions(request, runtime);
}

model CreateNetworkDomainRequest {
  comment?: string(name='Comment', description='The remarks of the network domain. The remarks can be up to 500 characters in length.', example='comment'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to create a network domain.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-lbj3bw4ma02'),
  networkDomainName?: string(name='NetworkDomainName', description='The name of the network domain that you want to create. The name can be up to 128 characters in length.

This parameter is required.'),
  networkDomainType?: string(name='NetworkDomainType', description='The connection mode of the network domain to be created. Valid values:

*   Direct
*   Proxy

This parameter is required.', example='Proxy'),
  proxies?: [ 
    {
      address?: string(name='Address', description='The IP address of the proxy server.', example='``47.104.**.**``'),
      nodeType?: string(name='NodeType', description='The node type of the proxy server. Valid values:

- **Master**: primary proxy server.
- **Slave**: secondary proxy server.', example='Master'),
      password?: string(name='Password', description='The Base64-encoded password of the proxy server.', example='***'),
      port?: int32(name='Port', description='The port of the proxy server.', example='22'),
      proxyType?: string(name='ProxyType', description='The proxy type. Valid values:

- **SSHProxy**
- **HTTPProxy**
- **Socks5Proxy**', example='SSHProxy'),
      user?: string(name='User', description='The username of the proxy server.', example='root'),
    }
  ](name='Proxies', description='The information about the proxy servers.'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to create a network domain.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model CreateNetworkDomainResponseBody = {
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain.', example='31'),
  requestId?: string(name='RequestId', description='The request ID.', example='A2873E9C-A7EA-5735-845C-65D3792623D2'),
}

model CreateNetworkDomainResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateNetworkDomainResponseBody(name='body'),
}

/**
 * @summary Creates a network domain.
 *
 * @param request CreateNetworkDomainRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateNetworkDomainResponse
 */
async function createNetworkDomainWithOptions(request: CreateNetworkDomainRequest, runtime: Util.RuntimeOptions): CreateNetworkDomainResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainName)) {
    query['NetworkDomainName'] = request.networkDomainName;
  }
  if (!Util.isUnset(request.networkDomainType)) {
    query['NetworkDomainType'] = request.networkDomainType;
  }
  if (!Util.isUnset(request.proxies)) {
    query['Proxies'] = request.proxies;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateNetworkDomain',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a network domain.
 *
 * @param request CreateNetworkDomainRequest
 * @return CreateNetworkDomainResponse
 */
async function createNetworkDomain(request: CreateNetworkDomainRequest): CreateNetworkDomainResponse {
  var runtime = new Util.RuntimeOptions{};
  return createNetworkDomainWithOptions(request, runtime);
}

model CreateOperationTicketRequest {
  approveComment?: string(name='ApproveComment', description='This parameter is required.'),
  assetAccountName?: string(name='AssetAccountName', description='This parameter is required.', example='root'),
  assetId?: string(name='AssetId', description='This parameter is required.', example='2'),
  effectEndTime?: long(name='EffectEndTime', example='1679393152'),
  effectStartTime?: long(name='EffectStartTime', example='1685600242'),
  instanceId?: string(name='InstanceId', description='This parameter is required.', example='bastionhost-cn-st220aw****'),
  isOneTimeEffect?: boolean(name='IsOneTimeEffect', example='false'),
  protocolName?: string(name='ProtocolName', description='This parameter is required.', example='SSH'),
  regionId?: string(name='RegionId', example='cn-hangzhou'),
}

model CreateOperationTicketResponseBody = {
  operationTicketId?: string(name='OperationTicketId', example='2'),
  requestId?: string(name='RequestId', example='0ECCC399-4D35-48A7-8379-5C6180E66235'),
}

model CreateOperationTicketResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateOperationTicketResponseBody(name='body'),
}

/**
 * @param request CreateOperationTicketRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateOperationTicketResponse
 */
async function createOperationTicketWithOptions(request: CreateOperationTicketRequest, runtime: Util.RuntimeOptions): CreateOperationTicketResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.approveComment)) {
    query['ApproveComment'] = request.approveComment;
  }
  if (!Util.isUnset(request.assetAccountName)) {
    query['AssetAccountName'] = request.assetAccountName;
  }
  if (!Util.isUnset(request.assetId)) {
    query['AssetId'] = request.assetId;
  }
  if (!Util.isUnset(request.effectEndTime)) {
    query['EffectEndTime'] = request.effectEndTime;
  }
  if (!Util.isUnset(request.effectStartTime)) {
    query['EffectStartTime'] = request.effectStartTime;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.isOneTimeEffect)) {
    query['IsOneTimeEffect'] = request.isOneTimeEffect;
  }
  if (!Util.isUnset(request.protocolName)) {
    query['ProtocolName'] = request.protocolName;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateOperationTicket',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @param request CreateOperationTicketRequest
 * @return CreateOperationTicketResponse
 */
async function createOperationTicket(request: CreateOperationTicketRequest): CreateOperationTicketResponse {
  var runtime = new Util.RuntimeOptions{};
  return createOperationTicketWithOptions(request, runtime);
}

model CreatePolicyRequest {
  comment?: string(name='Comment', description='The remarks of the control policy. The remarks can be up to 500 characters in length.', example='comment'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to create a control policy.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-20p364c1w0g'),
  policyName?: string(name='PolicyName', description='The name of the control policy. The name can be up to 128 characters in length.

This parameter is required.', example='policytest'),
  priority?: string(name='Priority', description='The priority of the control policy.

*   Valid values: 1 to 100. The default value is 1, which indicates the highest priority.
*   You can configure the same priority for different control policies. If multiple control policies have the same priority, the control policy that is created at the latest point in time has the highest priority. If a command control policy and a command approval policy contain the same commands, the commands are prioritized in descending order: reject, allow, and approve. In access control policies, a blacklist has a higher priority than a whitelist.', example='1'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to create a control policy.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
}

model CreatePolicyResponseBody = {
  policyId?: string(name='PolicyId', description='The control policy ID.', example='1'),
  requestId?: string(name='RequestId', description='The request ID.', example='7E68165E-1191-5CC2-B54B-5EF7390A5400'),
}

model CreatePolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreatePolicyResponseBody(name='body'),
}

/**
 * @summary Configures a command control, command approval, protocol control, or access control policy to manage O\\&M operations. This effectively prevents users from performing high-risk operations or accidental operations to ensure O\\&M security.
 *
 * @param request CreatePolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreatePolicyResponse
 */
async function createPolicyWithOptions(request: CreatePolicyRequest, runtime: Util.RuntimeOptions): CreatePolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.priority)) {
    query['Priority'] = request.priority;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreatePolicy',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Configures a command control, command approval, protocol control, or access control policy to manage O\\&M operations. This effectively prevents users from performing high-risk operations or accidental operations to ensure O\\&M security.
 *
 * @param request CreatePolicyRequest
 * @return CreatePolicyResponse
 */
async function createPolicy(request: CreatePolicyRequest): CreatePolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createPolicyWithOptions(request, runtime);
}

model CreateRuleRequest {
  comment?: string(name='Comment', description='The remarks of the authorization rule. The remarks can be up to 500 characters in length.', example='comment'),
  databases?: [ 
    {
      databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='An array that consists of database account IDs.'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='[
    {
        "DatabaseId": "1"
    }
]'),
    }
  ](name='Databases', description='The information about the database that runs on your server.'),
  effectiveEndTime?: long(name='EffectiveEndTime', description='The end time of the validity period of the authorization rule. Specify a UNIX timestamp representing the number of seconds that have elapsed since January 1, 1970, 00:00:00 UTC.', example='1672502400'),
  effectiveStartTime?: long(name='EffectiveStartTime', description='The start time of the validity period of the authorization rule. Specify a UNIX timestamp representing the number of seconds that have elapsed since January 1, 1970, 00:00:00 UTC.', example='1669630029'),
  hostGroups?: [ 
    {
      hostAccountNames?: [ string ](name='HostAccountNames', description='An array that consists of asset account names.'),
      hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='[{"HostGroupId":"1"}]'),
    }
  ](name='HostGroups', description='The information about the asset group that you want to authorize to manage.'),
  hosts?: [ 
    {
      hostAccountIds?: [ string ](name='HostAccountIds', description='An array that consists of host account IDs.'),
      hostId?: string(name='HostId', description='The host ID.', example='[{"HostId":"1"}]'),
    }
  ](name='Hosts', description='The host information.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-5yd2ymfsa0e'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  ruleName?: string(name='RuleName', description='The name of the authorization rule. The name can be up to 128 characters in length.

This parameter is required.', example='rule'),
  userGroupIds?: [ string ](name='UserGroupIds', description='An array that consists of user group IDs.'),
  userIds?: [ string ](name='UserIds', description='An array that consists of user IDs.'),
}

model CreateRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='BFA818E3-0A53-51F4-8DB5-AF2A62A6D042'),
  ruleId?: string(name='RuleId', description='The authorization rule ID.', example='1'),
}

model CreateRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateRuleResponseBody(name='body'),
}

/**
 * @summary You can create authorization rules to authorize multiple users to manage assets. You can also specify a validity period for an authorization rule. This way, you can manage users and assets in a more efficient manner and limit the time periods during which users can access assets.
 *
 * @param request CreateRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateRuleResponse
 */
async function createRuleWithOptions(request: CreateRuleRequest, runtime: Util.RuntimeOptions): CreateRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.databases)) {
    query['Databases'] = request.databases;
  }
  if (!Util.isUnset(request.effectiveEndTime)) {
    query['EffectiveEndTime'] = request.effectiveEndTime;
  }
  if (!Util.isUnset(request.effectiveStartTime)) {
    query['EffectiveStartTime'] = request.effectiveStartTime;
  }
  if (!Util.isUnset(request.hostGroups)) {
    query['HostGroups'] = request.hostGroups;
  }
  if (!Util.isUnset(request.hosts)) {
    query['Hosts'] = request.hosts;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ruleName)) {
    query['RuleName'] = request.ruleName;
  }
  if (!Util.isUnset(request.userGroupIds)) {
    query['UserGroupIds'] = request.userGroupIds;
  }
  if (!Util.isUnset(request.userIds)) {
    query['UserIds'] = request.userIds;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateRule',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary You can create authorization rules to authorize multiple users to manage assets. You can also specify a validity period for an authorization rule. This way, you can manage users and assets in a more efficient manner and limit the time periods during which users can access assets.
 *
 * @param request CreateRuleRequest
 * @return CreateRuleResponse
 */
async function createRule(request: CreateRuleRequest): CreateRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return createRuleWithOptions(request, runtime);
}

model CreateUserRequest {
  comment?: string(name='Comment', description='The remarks of the user that you want to add. The remarks can be up to 500 characters in length.', example='comment'),
  displayName?: string(name='DisplayName', description='The display name of the user that you want to add. The display name can be up to 128 characters in length.

>  If you leave this parameter empty, the logon name is used as the display name.', example='Bob'),
  effectiveEndTime?: long(name='EffectiveEndTime', description='The end time of the validity period of the user. Specify a UNIX timestamp. Unit: seconds.', example='1672502400'),
  effectiveStartTime?: long(name='EffectiveStartTime', description='The start time of the validity period of the user. Specify a UNIX timestamp. Unit: seconds.', example='1669630029'),
  email?: string(name='Email', description='The email address of the user that you want to add.

> 

*   This parameter is required if TwoFactorStatus is set to Enable and TwoFactorMethods is set to email, or if TwoFactorStatus is set to Global and TwoFactorMethods is set to email in the global two-factor authentication settings.

*   You can call the [GetInstanceTwoFactor](https://help.aliyun.com/document_detail/462968.html) operation to query the global two-factor authentication settings.', example='username@example.com'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which you want to add a user.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  language?: string(name='Language', description='This parameter is required if LanguageStatus is set to Custom. Valid values:

*   **zh-cn**: simplified Chinese.
*   **en**: English.', example='en'),
  languageStatus?: string(name='LanguageStatus', description='Specifies whether to send notifications in the language specified in the global settings or a custom language.

*   **Global**
*   **Custom**

>  If you leave this parameter empty, the default value Global is used.', example='Custom'),
  mobile?: string(name='Mobile', description='The mobile phone number of the user that you want to add.

> 

*   This parameter is required if TwoFactorStatus is set to Enable and TwoFactorMethods is set to sms or dingtalk, or if TwoFactorStatus is set to Global and TwoFactorMethods is set to sms or dingtalk in the global two-factor authentication settings.

*   You can call the [GetInstanceTwoFactor](https://help.aliyun.com/document_detail/462968.html) operation to query the global two-factor authentication settings.', example='1359999****'),
  mobileCountryCode?: string(name='MobileCountryCode', description='The location where the mobile phone number of the user is registered. Default value: CN. Valid values:

*   **CN**: the Chinese mainland, whose international dialing code is +86.
*   **HK**: Hong Kong (China), whose international dialing code is +852.
*   **MO**: Macao (China), whose international dialing code is +853.
*   **TW**: Taiwan (China), whose international dialing code is +886.
*   **RU**: Russia, whose international dialing code is +7.
*   **SG**: Singapore, whose international dialing code is +65.
*   **MY**: Malaysia, whose international dialing code is +60.
*   **ID**: Indonesia, whose international dialing code is +62.
*   **DE**: Germany, whose international dialing code is +49.
*   **AU**: Australia, whose international dialing code is +61.
*   **US**: US, whose international dialing code is +1.
*   **AE**: United Arab Emirates, whose international dialing code is +971.
*   **JP**: Japan, whose international dialing code is +81.
*   **GB**: UK, whose international dialing code is +44.
*   **IN**: India, whose international dialing code is +91.
*   **KR**: Republic of Korea, whose international dialing code is +82.
*   **PH**: Philippines, whose international dialing code is +63.
*   **CH**: Switzerland, whose international dialing code is +41.
*   **SE:** Sweden, whose international dialing code is +46.
*   **SA:** Saudi Arabia, whose international dialing code is +966.', example='CN'),
  needResetPassword?: boolean(name='NeedResetPassword', description='Specifies whether password reset is required upon the next logon. Valid values:

*   **true**
*   **false**

>  If you leave this parameter empty, the default value false is used.', example='true'),
  password?: string(name='Password', description='The logon password of the user that you want to add. The logon password must be 8 to 128 characters in length. It must contain uppercase letters, lowercase letters, digits, and special characters.

> This parameter is required if Source is set to Local.', example='213****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which you want to add a user.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  source?: string(name='Source', description='The type of the user that you want to add. Valid values:

*   **Local**: a local user.
*   **Ram**: a RAM user.
*   **AD**: an AD-authenticated user.
*   **LDAP**: an LDAP-authenticated user.

This parameter is required.', example='local'),
  sourceUserId?: string(name='SourceUserId', description='The unique ID of the user that you want to add.

> 

*   This parameter uniquely identifies a RAM user of the bastion host. This parameter is required if Source is set to Ram. You can call the [ListUsers](https://help.aliyun.com/document_detail/28684.html) operation in RAM to obtain the unique ID of the user from the UserId response parameter.

*   This parameter is required if Source is set to AD or LDAP. Specify the distinguished name (DN) of the Active Directory (AD)-authenticated user or Lightweight Directory Access Protocol (LDAP)-authenticated user that you want to add.', example='122748924538****'),
  twoFactorMethods?: string(name='TwoFactorMethods', description='The two-factor authentication method. You can select only one method. Valid values:

*   **sms**: text message-based two-factor authentication.
*   **email**: email-based two-factor authentication.
*   **dingtalk**: DingTalk-based two-factor authentication.
*   **totp OTP**: one-time password (OTP) token-based two-factor authentication.

>  If TwoFactorStatus is set to Enable, you must select one of the preceding values for TwoFactorMethods.', example='["sms"]'),
  twoFactorStatus?: string(name='TwoFactorStatus', description='Specifies whether two-factor authentication is enabled for the user. Valid values:

*   **Global**: The global settings apply.
*   **Disable**: Two-factor authentication is disabled.
*   **Enable**: Two-factor authentication is enabled and user-specific settings apply.

>  If you leave this parameter empty, the default value Global is used.', example='Enable'),
  userName?: string(name='UserName', description='The logon name of the user that you want to add. The logon name must be 1 to 128 characters in length and can contain only letters, digits, and underscores (_).

This parameter is required.', example='abc_def'),
}

model CreateUserResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  userId?: string(name='UserId', description='The ID of the user that is added.', example='1'),
}

model CreateUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateUserResponseBody(name='body'),
}

/**
 * @summary Adds a user to a bastion host.
 *
 * @description You can call the CreateUser operation to add local users, Resource Access Management (RAM) users, Active Directory (AD)-authenticated users, or Lightweight Directory Access Protocol (LDAP)-authenticated users to a bastion host. After a Bastionhost administrator adds a user to a bastion host, O\\&M engineers can log on to the bastion host as the user to perform O\\&M operations on the hosts that the user is authorized to manage.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds a limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limits when you call this operation.
 *
 * @param request CreateUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateUserResponse
 */
async function createUserWithOptions(request: CreateUserRequest, runtime: Util.RuntimeOptions): CreateUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.effectiveEndTime)) {
    query['EffectiveEndTime'] = request.effectiveEndTime;
  }
  if (!Util.isUnset(request.effectiveStartTime)) {
    query['EffectiveStartTime'] = request.effectiveStartTime;
  }
  if (!Util.isUnset(request.email)) {
    query['Email'] = request.email;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.languageStatus)) {
    query['LanguageStatus'] = request.languageStatus;
  }
  if (!Util.isUnset(request.mobile)) {
    query['Mobile'] = request.mobile;
  }
  if (!Util.isUnset(request.mobileCountryCode)) {
    query['MobileCountryCode'] = request.mobileCountryCode;
  }
  if (!Util.isUnset(request.needResetPassword)) {
    query['NeedResetPassword'] = request.needResetPassword;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceUserId)) {
    query['SourceUserId'] = request.sourceUserId;
  }
  if (!Util.isUnset(request.twoFactorMethods)) {
    query['TwoFactorMethods'] = request.twoFactorMethods;
  }
  if (!Util.isUnset(request.twoFactorStatus)) {
    query['TwoFactorStatus'] = request.twoFactorStatus;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Adds a user to a bastion host.
 *
 * @description You can call the CreateUser operation to add local users, Resource Access Management (RAM) users, Active Directory (AD)-authenticated users, or Lightweight Directory Access Protocol (LDAP)-authenticated users to a bastion host. After a Bastionhost administrator adds a user to a bastion host, O\\&M engineers can log on to the bastion host as the user to perform O\\&M operations on the hosts that the user is authorized to manage.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds a limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limits when you call this operation.
 *
 * @param request CreateUserRequest
 * @return CreateUserResponse
 */
async function createUser(request: CreateUserRequest): CreateUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return createUserWithOptions(request, runtime);
}

model CreateUserGroupRequest {
  comment?: string(name='Comment', description='The description of the user group. The description can be up to 500 characters in length.', example='comment'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to create a user group.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to create a user group.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupName?: string(name='UserGroupName', description='The name of the user group that you want to create. This name can be a up to 128 characters in length.

This parameter is required.', example='group'),
}

model CreateUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group.', example='1'),
}

model CreateUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateUserGroupResponseBody(name='body'),
}

/**
 * @summary Creates a user group for the specified bastion host.
 *
 * @description You can call this operation to create a user group for a bastion host as an administrator. Then, you can call the [AddUsersToGroup](https://help.aliyun.com/document_detail/204600.html) operation to add users to the user group at a time. After you add the users to the user group, you can authorize and manage the users in a centralized manner.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateUserGroupResponse
 */
async function createUserGroupWithOptions(request: CreateUserGroupRequest, runtime: Util.RuntimeOptions): CreateUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupName)) {
    query['UserGroupName'] = request.userGroupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a user group for the specified bastion host.
 *
 * @description You can call this operation to create a user group for a bastion host as an administrator. Then, you can call the [AddUsersToGroup](https://help.aliyun.com/document_detail/204600.html) operation to add users to the user group at a time. After you add the users to the user group, you can authorize and manage the users in a centralized manner.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateUserGroupRequest
 * @return CreateUserGroupResponse
 */
async function createUserGroup(request: CreateUserGroupRequest): CreateUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return createUserGroupWithOptions(request, runtime);
}

model CreateUserPublicKeyRequest {
  comment?: string(name='Comment', description='The description of the public key. The description can be up to 500 characters in length.', example='comment'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to create a public key for the user.

> You can call the [listinstances](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  publicKey?: string(name='PublicKey', description='The public key. Encode the value by using the Base64 algorithm.

This parameter is required.', example='c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUxGQnQxUUpyT3IxK2hTTGRkbERMZUx4WGRIZ3hBalBxWHJIbWNFNWxqSk8gbm93Y29kZXJAbm93Y29kZXJkZU1hY0Jvb2stUHJvLmxvY2Fs'),
  publicKeyName?: string(name='PublicKeyName', description='The name of the public key.

This parameter is required.', example='Public key of a user'),
  regionId?: string(name='RegionId', description='Specifies the region ID of the bastion host on which you want to create a public key for the user.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user for whom you want to create a public key.

>  You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the user ID.

This parameter is required.', example='1'),
}

model CreateUserPublicKeyResponseBody = {
  publicKeyId?: string(name='PublicKeyId', description='The ID of the public key.', example='1'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='5EAB922E-F476-5DFA-9290-313C608E724B'),
}

model CreateUserPublicKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateUserPublicKeyResponseBody(name='body'),
}

/**
 * @summary Creates a public key for a bastion host user and hosts the public key in the bastion host. This way, O\\&M engineers can use the private key that corresponds to the public key to log on to the bastion host from an O\\&M client.
 *
 * @description You can call the CreateUserPublicKey operation to create a public key for the specified user of a bastion host.
 *
 * @param request CreateUserPublicKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateUserPublicKeyResponse
 */
async function createUserPublicKeyWithOptions(request: CreateUserPublicKeyRequest, runtime: Util.RuntimeOptions): CreateUserPublicKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.publicKey)) {
    query['PublicKey'] = request.publicKey;
  }
  if (!Util.isUnset(request.publicKeyName)) {
    query['PublicKeyName'] = request.publicKeyName;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateUserPublicKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a public key for a bastion host user and hosts the public key in the bastion host. This way, O\\&M engineers can use the private key that corresponds to the public key to log on to the bastion host from an O\\&M client.
 *
 * @description You can call the CreateUserPublicKey operation to create a public key for the specified user of a bastion host.
 *
 * @param request CreateUserPublicKeyRequest
 * @return CreateUserPublicKeyResponse
 */
async function createUserPublicKey(request: CreateUserPublicKeyRequest): CreateUserPublicKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createUserPublicKeyWithOptions(request, runtime);
}

model DeleteDatabaseRequest {
  databaseId?: string(name='DatabaseId', description='The ID of the database that you want to delete.

> You can call the [ListDatabases](https://help.aliyun.com/document_detail/2758822.html) operation to query the database ID.

This parameter is required.', example='11'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host from which you want to delete the database.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-78v1ghxxxxx'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteDatabaseResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='81500666-d7f5-4143-8329-0223cc738105'),
}

model DeleteDatabaseResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteDatabaseResponseBody(name='body'),
}

/**
 * @summary Deletes a database.
 *
 * @param request DeleteDatabaseRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteDatabaseResponse
 */
async function deleteDatabaseWithOptions(request: DeleteDatabaseRequest, runtime: Util.RuntimeOptions): DeleteDatabaseResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteDatabase',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a database.
 *
 * @param request DeleteDatabaseRequest
 * @return DeleteDatabaseResponse
 */
async function deleteDatabase(request: DeleteDatabaseRequest): DeleteDatabaseResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteDatabaseWithOptions(request, runtime);
}

model DeleteDatabaseAccountRequest {
  databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account that you want to delete.

>  You can call the [ListDatabaseAccounts](https://help.aliyun.com/document_detail/2758839.html) operation to query the database account ID.

This parameter is required.', example='9'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host from which you want to delete the database account.

> You can call the DescribeInstances operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host from which you want to delete the database account.

> For more information about the mapping between region IDs and region names, [see Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteDatabaseAccountResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='81500666-d7f5-4143-8329-0223cc738105'),
}

model DeleteDatabaseAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteDatabaseAccountResponseBody(name='body'),
}

/**
 * @summary Deletes a database account.
 *
 * @param request DeleteDatabaseAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteDatabaseAccountResponse
 */
async function deleteDatabaseAccountWithOptions(request: DeleteDatabaseAccountRequest, runtime: Util.RuntimeOptions): DeleteDatabaseAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountId)) {
    query['DatabaseAccountId'] = request.databaseAccountId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteDatabaseAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a database account.
 *
 * @param request DeleteDatabaseAccountRequest
 * @return DeleteDatabaseAccountResponse
 */
async function deleteDatabaseAccount(request: DeleteDatabaseAccountRequest): DeleteDatabaseAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteDatabaseAccountWithOptions(request, runtime);
}

model DeleteHostRequest {
  hostId?: string(name='HostId', description='The ID of the host that you want to delete.

> You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to delete the host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to delete the host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteHostResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteHostResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteHostResponseBody(name='body'),
}

/**
 * @summary Deletes the specified host.
 *
 * @param request DeleteHostRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteHostResponse
 */
async function deleteHostWithOptions(request: DeleteHostRequest, runtime: Util.RuntimeOptions): DeleteHostResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteHost',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes the specified host.
 *
 * @param request DeleteHostRequest
 * @return DeleteHostResponse
 */
async function deleteHost(request: DeleteHostRequest): DeleteHostResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteHostWithOptions(request, runtime);
}

model DeleteHostAccountRequest {
  hostAccountId?: string(name='HostAccountId', description='The ID of the host account that you want to remove.

>  You can call the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the ID of the host account.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host from which you want to remove the host account.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host from which you want to remove the host account.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteHostAccountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteHostAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteHostAccountResponseBody(name='body'),
}

/**
 * @summary Removes a host account.
 *
 * @description ## Usage notes
 * This interface is used to delete individual host accounts. If a host account is no longer in use, you can invoke this interface to delete the host account for that host that has been configured on the bastion.
 * >  After you remove the host account, you must enter the username and password of the host when you log on to the host in Bastionhost.  
 * ## QPS Limit
 * The single-user QPS limit of this interface is 10 times/second. If the limit is exceeded, the API call will be stream-limited, which may affect your business, please call reasonably.
 *
 * @param request DeleteHostAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteHostAccountResponse
 */
async function deleteHostAccountWithOptions(request: DeleteHostAccountRequest, runtime: Util.RuntimeOptions): DeleteHostAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountId)) {
    query['HostAccountId'] = request.hostAccountId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteHostAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Removes a host account.
 *
 * @description ## Usage notes
 * This interface is used to delete individual host accounts. If a host account is no longer in use, you can invoke this interface to delete the host account for that host that has been configured on the bastion.
 * >  After you remove the host account, you must enter the username and password of the host when you log on to the host in Bastionhost.  
 * ## QPS Limit
 * The single-user QPS limit of this interface is 10 times/second. If the limit is exceeded, the API call will be stream-limited, which may affect your business, please call reasonably.
 *
 * @param request DeleteHostAccountRequest
 * @return DeleteHostAccountResponse
 */
async function deleteHostAccount(request: DeleteHostAccountRequest): DeleteHostAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteHostAccountWithOptions(request, runtime);
}

model DeleteHostGroupRequest {
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group that you want to delete.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the asset group ID.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose asset group you want to delete.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose asset group you want to delete.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteHostGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteHostGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteHostGroupResponseBody(name='body'),
}

/**
 * @summary Deletes a host group.
 *
 * @description You can call this operation to delete a single host group. If you no longer need to perform O\\&M operations on all hosts in a host group, you can call this operation to delete the host group.
 * ### Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteHostGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteHostGroupResponse
 */
async function deleteHostGroupWithOptions(request: DeleteHostGroupRequest, runtime: Util.RuntimeOptions): DeleteHostGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteHostGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a host group.
 *
 * @description You can call this operation to delete a single host group. If you no longer need to perform O\\&M operations on all hosts in a host group, you can call this operation to delete the host group.
 * ### Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteHostGroupRequest
 * @return DeleteHostGroupResponse
 */
async function deleteHostGroup(request: DeleteHostGroupRequest): DeleteHostGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteHostGroupWithOptions(request, runtime);
}

model DeleteHostShareKeyRequest {
  hostShareKeyId?: string(name='HostShareKeyId', description='The shared key ID.

>  You must specify this parameter. You can call the [ListHostShareKeys](https://help.aliyun.com/document_detail/462973.html) operation to query the shared key ID.', example='11206'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteHostShareKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteHostShareKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteHostShareKeyResponseBody(name='body'),
}

/**
 * @summary Deletes a shared key.
 *
 * @param request DeleteHostShareKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteHostShareKeyResponse
 */
async function deleteHostShareKeyWithOptions(request: DeleteHostShareKeyRequest, runtime: Util.RuntimeOptions): DeleteHostShareKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteHostShareKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a shared key.
 *
 * @param request DeleteHostShareKeyRequest
 * @return DeleteHostShareKeyResponse
 */
async function deleteHostShareKey(request: DeleteHostShareKeyRequest): DeleteHostShareKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteHostShareKeyWithOptions(request, runtime);
}

model DeleteNetworkDomainRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose network domain you want to delete.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost_std_intl-sg-uq833e2dz02'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to be deleted.

This parameter is required.', example='2'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose network domain you want to delete.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteNetworkDomainResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='66B9D942-E3C8-5068-A479-5A7B7BF3DE35'),
}

model DeleteNetworkDomainResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteNetworkDomainResponseBody(name='body'),
}

/**
 * @summary Deletes a network domain.
 *
 * @param request DeleteNetworkDomainRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteNetworkDomainResponse
 */
async function deleteNetworkDomainWithOptions(request: DeleteNetworkDomainRequest, runtime: Util.RuntimeOptions): DeleteNetworkDomainResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteNetworkDomain',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a network domain.
 *
 * @param request DeleteNetworkDomainRequest
 * @return DeleteNetworkDomainResponse
 */
async function deleteNetworkDomain(request: DeleteNetworkDomainRequest): DeleteNetworkDomainResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteNetworkDomainWithOptions(request, runtime);
}

model DeletePolicyRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose control policy you want to delete.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy to be deleted.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='1'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeletePolicyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeletePolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeletePolicyResponseBody(name='body'),
}

/**
 * @summary Deletes a control policy.
 *
 * @param request DeletePolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeletePolicyResponse
 */
async function deletePolicyWithOptions(request: DeletePolicyRequest, runtime: Util.RuntimeOptions): DeletePolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeletePolicy',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a control policy.
 *
 * @param request DeletePolicyRequest
 * @return DeletePolicyResponse
 */
async function deletePolicy(request: DeletePolicyRequest): DeletePolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deletePolicyWithOptions(request, runtime);
}

model DeleteRuleRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host from which you want to delete the authorization rule.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host from which you want to delete the authorization rule.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  ruleId?: string(name='RuleId', description='The ID of the authorization rule that you want to delete.

>  You can call the [ListRules](https://help.aliyun.com/document_detail/2758868.html) operation to query the authorization rule ID.

This parameter is required.', example='5'),
}

model DeleteRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteRuleResponseBody(name='body'),
}

/**
 * @summary Deletes an authorization rule.
 *
 * @param request DeleteRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteRuleResponse
 */
async function deleteRuleWithOptions(request: DeleteRuleRequest, runtime: Util.RuntimeOptions): DeleteRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteRule',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes an authorization rule.
 *
 * @param request DeleteRuleRequest
 * @return DeleteRuleResponse
 */
async function deleteRule(request: DeleteRuleRequest): DeleteRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteRuleWithOptions(request, runtime);
}

model DeleteUserRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the user to be deleted belongs.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the user to be deleted belongs.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user to be deleted.

>  You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the user ID.

This parameter is required.', example='1'),
}

model DeleteUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteUserResponseBody(name='body'),
}

/**
 * @summary Deletes a bastion host user.
 *
 * @param request DeleteUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteUserResponse
 */
async function deleteUserWithOptions(request: DeleteUserRequest, runtime: Util.RuntimeOptions): DeleteUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a bastion host user.
 *
 * @param request DeleteUserRequest
 * @return DeleteUserResponse
 */
async function deleteUser(request: DeleteUserRequest): DeleteUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteUserWithOptions(request, runtime);
}

model DeleteUserGroupRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to delete the user group.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to delete the user group.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group that you want to delete.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='１'),
}

model DeleteUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteUserGroupResponseBody(name='body'),
}

/**
 * @summary Deletes a specified user group from a specified bastion host.
 *
 * @param request DeleteUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteUserGroupResponse
 */
async function deleteUserGroupWithOptions(request: DeleteUserGroupRequest, runtime: Util.RuntimeOptions): DeleteUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a specified user group from a specified bastion host.
 *
 * @param request DeleteUserGroupRequest
 * @return DeleteUserGroupResponse
 */
async function deleteUserGroup(request: DeleteUserGroupRequest): DeleteUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteUserGroupWithOptions(request, runtime);
}

model DeleteUserPublicKeyRequest {
  instanceId?: string(name='InstanceId', description='The ID of the Bastionhost instance to which the users to be queried belong.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the Bastionhost instance.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  publicKeyId?: string(name='PublicKeyId', description='The public key ID.

>  You can call the [ListUserPublicKeys](https://help.aliyun.com/document_detail/477555.html) operation to query the public key ID.

This parameter is required.', example='11'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host. For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DeleteUserPublicKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model DeleteUserPublicKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteUserPublicKeyResponseBody(name='body'),
}

/**
 * @summary Deletes a public key from the specified user.
 *
 * @description You can call the DeleteUserPublicKey operation to delete a public key from the specified user of a bastion host.
 *
 * @param request DeleteUserPublicKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteUserPublicKeyResponse
 */
async function deleteUserPublicKeyWithOptions(request: DeleteUserPublicKeyRequest, runtime: Util.RuntimeOptions): DeleteUserPublicKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.publicKeyId)) {
    query['PublicKeyId'] = request.publicKeyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteUserPublicKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a public key from the specified user.
 *
 * @description You can call the DeleteUserPublicKey operation to delete a public key from the specified user of a bastion host.
 *
 * @param request DeleteUserPublicKeyRequest
 * @return DeleteUserPublicKeyResponse
 */
async function deleteUserPublicKey(request: DeleteUserPublicKeyRequest): DeleteUserPublicKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteUserPublicKeyWithOptions(request, runtime);
}

model DescribeInstanceAttributeRequest {
  instanceId?: string(name='InstanceId', description='The ID of the Bastionhost instance.

This parameter is required.', example='bastionhost-cn-78v1ghxxxxx'),
  regionId?: string(name='RegionId', description='The ID of the region.', example='cn-hangzhou'),
}

model DescribeInstanceAttributeResponseBody = {
  instanceAttribute?: {
    appOperationModule?: string(name='AppOperationModule'),
    authorizedSecurityGroups?: [ string ](name='AuthorizedSecurityGroups', description='The IDs of authorized security groups.'),
    bandwidth?: string(name='Bandwidth', description='The total bandwidth of the bastion host.', example='30'),
    bandwidthPackage?: string(name='BandwidthPackage', description='The bandwidth plan ID.', example='5'),
    dbOperationModule?: string(name='DbOperationModule', description='The status of the database O&M feature.', example='Disable'),
    description?: string(name='Description', description='The description of the instance.'),
    eniInstanceId?: string(name='EniInstanceId', description='The ID of the Elastic Network Interface (ENI).', example='eni-bp1455jrzwm7moaxxxxx'),
    expireTime?: long(name='ExpireTime', description='The time when the instance expires.', example='1578326400000'),
    HSMModule?: string(name='HSMModule'),
    IDaaSModule?: string(name='IDaaSModule'),
    instanceId?: string(name='InstanceId', description='The ID of the instance.', example='bastionhost-cn-78v1ghxxxxx'),
    instanceStatus?: string(name='InstanceStatus', description='The status of the instance. Valid values:

*   PENDING: The instance is not initialized.
*   CREATING: The instance is being created.
*   RUNNING: The instance is running.
*   EXPIRED: The instance expired.
*   CREATE_FAILED: The instance fails to be created.
*   UPGRADING: The configurations of the instance are being changed.
*   UPGRADE_FAILED: The configurations of the instance fail to be changed.', example='RUNNING'),
    internetEndpoint?: string(name='InternetEndpoint', description='The public endpoint.', example='drawvxalwb-public.bastionhost.aliyuncs.com'),
    intranetEndpoint?: string(name='IntranetEndpoint', description='The private endpoint.', example='drawvxalwb.bastionhost.aliyuncs.com'),
    kmsSecretModule?: string(name='KmsSecretModule'),
    licenseCode?: string(name='LicenseCode', description='The license code.', example='bhah_ent_50_asset'),
    modifyPasswordModule?: string(name='ModifyPasswordModule', description='The status of the automatic password change feature.

- **Enable**
- **Disable**', example='Enable'),
    networkProxyModule?: string(name='NetworkProxyModule', description='The status of the network domain feature.

- **Enable**
- **Disable**', example='Enable'),
    ports?: [ 
      {
        customPort?: int32(name='CustomPort', description='The custom port.

> Only the SSH and RDP ports can be changed. If no custom O\\\\&M port is specified for the bastion host, the value of StandardPort is returned.', example='600xx'),
        standardPort?: int32(name='StandardPort', description='The standard port of the bastion host. Valid values:

*   **SSH**: 60022.
*   **RDP**: 63389.
*   **HTTPS**: 443.', example='60022'),
      }
    ](name='Ports', description='An array that consists of the O&M ports of the bastion host.'),
    privateExportIps?: [ string ](name='PrivateExportIps', description='An array that consists of the egress private IP addresses of the bastion host.'),
    privateWhiteList?: [ string ](name='PrivateWhiteList', description='The private IP addresses that are allowed to access the instance.'),
    publicExportIps?: [ string ](name='PublicExportIps', description='An array that consists of the egress public IP addresses of the bastion host.'),
    publicIps?: [ string ](name='PublicIps', description='The public IP address.'),
    publicNetworkAccess?: boolean(name='PublicNetworkAccess', description='Indicates whether the Bastionhost instance can be accessed over the Internet.', example='true'),
    publicWhiteList?: [ string ](name='PublicWhiteList', description='The public IP addresses that are allowed to access the instance.'),
    RDModule?: string(name='RDModule'),
    regionId?: string(name='RegionId', description='The region ID of the instance.', example='cn-hangzhou'),
    resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group to which the instance belongs.', example='rg-aekzc427dbl2shy'),
    routerRules?: [ string ](name='RouterRules'),
    scriptDeliverModule?: string(name='ScriptDeliverModule'),
    securityGroupIds?: [ string ](name='SecurityGroupIds', description='The IDs of the security groups to which the instance belongs.'),
    slaveVswitchId?: string(name='SlaveVswitchId'),
    startTime?: long(name='StartTime', description='The time when the instance started.', example='1577681345000'),
    storage?: long(name='Storage', description='The storage capacity of the bastion host. Unit: bytes.', example='2199023255552'),
    vpcId?: string(name='VpcId', description='The ID of the VPC to which the instance belongs.', example='vpc-bp1c85tzgqu1bf5bxxxxx'),
    vswitchId?: string(name='VswitchId', description='The ID of the vSwitch to which the instance connects.', example='vsw-bp1xfwzzfti0kjbfxxxxx'),
    webTerminalModule?: string(name='WebTerminalModule', description='The status of the web terminal.

- **Enable**
- **Disable**', example='Enable'),
    whiteListPolicies?: [ 
      {
        description?: string(name='Description'),
        entry?: string(name='Entry'),
      }
    ](name='WhiteListPolicies'),
  }(name='InstanceAttribute', description='The attribute information about the bastion host.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='082FAB35-6AB9-4FD5-8750-D36673548E76'),
}

model DescribeInstanceAttributeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeInstanceAttributeResponseBody(name='body'),
}

/**
 * @summary Queries the attribute information about the specified bastion host. The information includes the ID and remarks of the bastion host.
 *
 * @description ****
 *
 * @param request DescribeInstanceAttributeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeInstanceAttributeResponse
 */
async function describeInstanceAttributeWithOptions(request: DescribeInstanceAttributeRequest, runtime: Util.RuntimeOptions): DescribeInstanceAttributeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeInstanceAttribute',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the attribute information about the specified bastion host. The information includes the ID and remarks of the bastion host.
 *
 * @description ****
 *
 * @param request DescribeInstanceAttributeRequest
 * @return DescribeInstanceAttributeResponse
 */
async function describeInstanceAttribute(request: DescribeInstanceAttributeRequest): DescribeInstanceAttributeResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeInstanceAttributeWithOptions(request, runtime);
}

model DescribeInstancesRequest {
  instanceId?: [ string ](name='InstanceId', description='An array that consists of the IDs of the bastion hosts.', example='bastionhost-cn-78v1ghxxxxx'),
  instanceStatus?: string(name='InstanceStatus', description='The status of the bastion host. Valid values:

*   **PENDING**: The bastion host is not initialized.
*   **CREATING**: The bastion host is being created.
*   **RUNNING**: The bastion host is running.
*   **EXPIRED**: The bastion host expired.
*   **CREATE_FAILED**: The bastion host fails to be created.
*   **UPGRADING**: The configurations of the bastion host are being changed.
*   **UPGRADE_FAILED**: The configurations of the bastion host fail to be changed.', example='RUNNING'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page. Default value: **10**.', example='10'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.', example='cn-hangzhou'),
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group to which the bastion host belongs.', example='rg-acfm26ougi****'),
  tag?: [ 
    {
      key?: string(name='Key', description='The key of the tag.', example='test'),
      value?: string(name='Value', description='The value of the tag.', example='testapi'),
    }
  ](name='Tag', description='An array consisting of the tags that are added to the bastion hosts.'),
}

model DescribeInstancesResponseBody = {
  instances?: [ 
    {
      bandWidth?: long(name='BandWidth'),
      description?: string(name='Description', description='The remarks of the bastion host.', example='Test API'),
      expireTime?: long(name='ExpireTime', description='The timestamp when the bastion host expires. Unit: milliseconds.', example='1578326400000'),
      imageVersion?: string(name='ImageVersion', description='The image version of the bastion host.', example='3.0.0'),
      instanceId?: string(name='InstanceId', description='The bastion host ID.', example='bastionhost-cn-78v1gh****'),
      instanceStatus?: string(name='InstanceStatus', description='The status of the bastion host. Valid values:

*   **PENDING**: The bastion host is not initialized.
*   **CREATING**: The bastion host is being created.
*   **RUNNING**: The bastion host is running.
*   **EXPIRED**: The bastion host expired.
*   **CREATE_FAILED**: The bastion host fails to be created.
*   **UPGRADING**: The configurations of the bastion host are being changed.
*   **UPGRADE_FAILED**: The configurations of the bastion host fail to be changed.', example='RUNNING'),
      internetEndpoint?: string(name='InternetEndpoint', description='The public O\\\\&M address of the bastion host.', example='drawvxalwb-public.bastionhost.aliyuncs.com'),
      intranetEndpoint?: string(name='IntranetEndpoint', description='The private O\\\\&M address of the bastion host.', example='drawvxalwb.bastionhost.aliyuncs.com'),
      legacy?: boolean(name='Legacy', description='Indicates whether the bastion host runs an earlier version. Valid values:

*   **true**: The bastion host runs V2 or V3.1.
*   **false**: The bastion host runs V3.2.', example='false'),
      licenseCode?: string(name='LicenseCode', description='The license code of the bastion host.', example='bhah_ent_50_asset'),
      planCode?: string(name='PlanCode', description='The edition of the bastion host. Valid values:

*   **cloudbastion**: Basic Edition.
*   **cloudbastion_ha**: Enterprise Edition.', example='cloudbastion_ha'),
      publicNetworkAccess?: boolean(name='PublicNetworkAccess', description='Indicates whether the bastion host can be accessed from the Internet. Valid values:

*   **true**
*   **false**', example='true'),
      regionId?: string(name='RegionId', description='The region ID of the bastion host.', example='cn-hangzhou'),
      resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group to which the bastion host belongs.', example='g-acfm26ougi****'),
      slaveVswitchId?: string(name='SlaveVswitchId'),
      startTime?: long(name='StartTime', description='The timestamp when the bastion host is purchased or renewed. Unit: milliseconds.', example='1577681345000'),
      vpcId?: string(name='VpcId', description='The ID of the virtual private cloud (VPC) to which the bastion host belongs.', example='vpc-bp1c85tzgqu1bf5b****'),
      vswitchId?: string(name='VswitchId', description='The ID of the vSwitch to which the bastion host belongs.', example='vsw-bp1xfwzzfti0kjbf****'),
    }
  ](name='Instances', description='An array that consists of the bastion hosts returned.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='61D36C55-AAFC-4678-8FAD-34FEF9E7182E'),
  totalCount?: long(name='TotalCount', description='The total number of bastion hosts that are queried.', example='4'),
}

model DescribeInstancesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeInstancesResponseBody(name='body'),
}

/**
 * @summary 堡垒机实例列表
 *
 * @param request DescribeInstancesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeInstancesResponse
 */
async function describeInstancesWithOptions(request: DescribeInstancesRequest, runtime: Util.RuntimeOptions): DescribeInstancesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.instanceStatus)) {
    query['InstanceStatus'] = request.instanceStatus;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeInstances',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 堡垒机实例列表
 *
 * @param request DescribeInstancesRequest
 * @return DescribeInstancesResponse
 */
async function describeInstances(request: DescribeInstancesRequest): DescribeInstancesResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeInstancesWithOptions(request, runtime);
}

model DescribeRegionsRequest {
  acceptLanguage?: string(name='AcceptLanguage', description='The natural language in which responses are returned. Valid values:

*   **zh-CN**: Chinese. This is the default value.
*   **en-US**: English.
*   **ja**: Japanese.', example='zh-CN'),
  regionId?: string(name='RegionId', description='The ID of the region.', example='cn-shenzhen'),
}

model DescribeRegionsResponseBody = {
  regions?: [ 
    {
      localName?: string(name='LocalName', description='The name of the region.', example='China (Hangzhou)'),
      regionEndpoint?: string(name='RegionEndpoint', description='The endpoint of the region.', example='yundun-bastionhost.aliyuncs.com'),
      regionId?: string(name='RegionId', description='The ID of the region.', example='cn-hangzhou'),
    }
  ](name='Regions', description='The information about regions where you can create bastion hosts.'),
  requestId?: string(name='RequestId', description='The ID of request.', example='B7281856-F27D-4ECE-B4F1-50511E550xxx'),
}

model DescribeRegionsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeRegionsResponseBody(name='body'),
}

/**
 * @summary Queries available regions where you can create bastion hosts.
 *
 * @param request DescribeRegionsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeRegionsResponse
 */
async function describeRegionsWithOptions(request: DescribeRegionsRequest, runtime: Util.RuntimeOptions): DescribeRegionsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.acceptLanguage)) {
    query['AcceptLanguage'] = request.acceptLanguage;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeRegions',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries available regions where you can create bastion hosts.
 *
 * @param request DescribeRegionsRequest
 * @return DescribeRegionsResponse
 */
async function describeRegions(request: DescribeRegionsRequest): DescribeRegionsResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeRegionsWithOptions(request, runtime);
}

model DetachDatabaseAccountsFromUserRequest {
  databases?: [ 
    {
      databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='An array that consists of database account IDs.'),
      databaseId?: string(name='DatabaseId', description='The ID of the database on which you want to revoke permissions.', example='8'),
    }
  ](name='Databases', description='The databases.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the DescribeInstances operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-pe335ipfk01'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
  userId?: string(name='UserId', description='The ID of the user from whom you want to revoke the permissions on databases and database accounts.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model DetachDatabaseAccountsFromUserResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='79D7E114-CB52-5695-AB15-12776C308387'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code that is returned. If **OK** is returned, the operation was successful. If another error code is returned, the operation failed.', example='OK'),
      databaseAccounts?: [ 
        {
          code?: string(name='Code', description='The error code that is returned. If OK is returned, the operation was successful. If another error code is returned, the operation failed.', example='OK'),
          databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account on which the permissions are revoked.', example='9'),
          message?: string(name='Message', description='The error message that is returned.'),
        }
      ](name='DatabaseAccounts', description='A list that shows the operation results of the database accounts.'),
      databaseId?: string(name='DatabaseId', description='The ID of the database on which the permissions are revoked.', example='4'),
      message?: string(name='Message', description='The error message that is returned.'),
      userId?: string(name='UserId', description='The user ID.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model DetachDatabaseAccountsFromUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachDatabaseAccountsFromUserResponseBody(name='body'),
}

/**
 * @summary Revokes permissions on databases and database accounts from a user.
 *
 * @param request DetachDatabaseAccountsFromUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachDatabaseAccountsFromUserResponse
 */
async function detachDatabaseAccountsFromUserWithOptions(request: DetachDatabaseAccountsFromUserRequest, runtime: Util.RuntimeOptions): DetachDatabaseAccountsFromUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databases)) {
    query['Databases'] = request.databases;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachDatabaseAccountsFromUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Revokes permissions on databases and database accounts from a user.
 *
 * @param request DetachDatabaseAccountsFromUserRequest
 * @return DetachDatabaseAccountsFromUserResponse
 */
async function detachDatabaseAccountsFromUser(request: DetachDatabaseAccountsFromUserRequest): DetachDatabaseAccountsFromUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachDatabaseAccountsFromUserWithOptions(request, runtime);
}

model DetachDatabaseAccountsFromUserGroupRequest {
  databases?: [ 
    {
      databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='An array that consists of database account IDs.'),
      databaseId?: string(name='DatabaseId', description='The ID of the database on which the permissions are to be revoked.', example='4'),
    }
  ](name='Databases', description='The information about the database.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-7mz2v120f0y'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group from which you want to revoke permissions on databases and database accounts.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model DetachDatabaseAccountsFromUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='AC528ED1-C302-56E5-9CB5-ADA625D64FF9'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code that is returned. If OK is returned, the operation was successful. If other error codes are returned, the operation failed.', example='OK'),
      databaseAccounts?: [ 
        {
          code?: string(name='Code', description='The error code that is returned. If OK is returned, the operation was successful. If other error codes are returned, the operation failed.', example='OK'),
          databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account on which the permissions are revoked.', example='5'),
          message?: string(name='Message', description='The error message that is returned.', example='N/A'),
        }
      ](name='DatabaseAccounts', description='A list that shows the authorization results of the database accounts.'),
      databaseId?: string(name='DatabaseId', description='The ID of the database on which the permissions are revoked.', example='27'),
      message?: string(name='Message', description='The error message that is returned.', example='N/A'),
      userGroupId?: string(name='UserGroupId', description='The user group ID.', example='3'),
    }
  ](name='Results', description='The result of the call.'),
}

model DetachDatabaseAccountsFromUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachDatabaseAccountsFromUserGroupResponseBody(name='body'),
}

/**
 * @summary Revokes permissions on databases and database accounts from a user group.
 *
 * @param request DetachDatabaseAccountsFromUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachDatabaseAccountsFromUserGroupResponse
 */
async function detachDatabaseAccountsFromUserGroupWithOptions(request: DetachDatabaseAccountsFromUserGroupRequest, runtime: Util.RuntimeOptions): DetachDatabaseAccountsFromUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databases)) {
    query['Databases'] = request.databases;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachDatabaseAccountsFromUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Revokes permissions on databases and database accounts from a user group.
 *
 * @param request DetachDatabaseAccountsFromUserGroupRequest
 * @return DetachDatabaseAccountsFromUserGroupResponse
 */
async function detachDatabaseAccountsFromUserGroup(request: DetachDatabaseAccountsFromUserGroupRequest): DetachDatabaseAccountsFromUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachDatabaseAccountsFromUserGroupWithOptions(request, runtime);
}

model DetachHostAccountsFromHostShareKeyRequest {
  hostAccountIds?: string(name='HostAccountIds', description='The host account IDs.

>  You can call the [ListHostAccountsForHostShareKey](https://help.aliyun.com/document_detail/462975.html) operation to query the host account IDs.

This parameter is required.', example='["1","2","3"]'),
  hostShareKeyId?: string(name='HostShareKeyId', description='The shared key ID.

>  You can call the [ListHostShareKeys](https://help.aliyun.com/document_detail/462973.html) operation to query the shared key ID.

This parameter is required.', example='11'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model DetachHostAccountsFromHostShareKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code returned. If **OK** is returned, the disassociation was successful. If a different error code is returned, the disassociation failed.', example='OK'),
      hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='12407'),
      hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key.', example='11'),
      message?: string(name='Message', description='The error message returned.', example='The host account does not exist'),
    }
  ](name='Results', description='The result of the call.'),
}

model DetachHostAccountsFromHostShareKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachHostAccountsFromHostShareKeyResponseBody(name='body'),
}

/**
 * @summary Disassociate host accounts from a shared key.
 *
 * @param request DetachHostAccountsFromHostShareKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachHostAccountsFromHostShareKeyResponse
 */
async function detachHostAccountsFromHostShareKeyWithOptions(request: DetachHostAccountsFromHostShareKeyRequest, runtime: Util.RuntimeOptions): DetachHostAccountsFromHostShareKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountIds)) {
    query['HostAccountIds'] = request.hostAccountIds;
  }
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachHostAccountsFromHostShareKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Disassociate host accounts from a shared key.
 *
 * @param request DetachHostAccountsFromHostShareKeyRequest
 * @return DetachHostAccountsFromHostShareKeyResponse
 */
async function detachHostAccountsFromHostShareKey(request: DetachHostAccountsFromHostShareKeyRequest): DetachHostAccountsFromHostShareKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachHostAccountsFromHostShareKeyWithOptions(request, runtime);
}

model DetachHostAccountsFromUserRequest {
  hosts?: string(name='Hosts', description='The IDs of the hosts and host accounts on which you want to revoke permissions from the user. You can specify up to 10 host IDs and up to 10 host account IDs for each host. You can specify only host IDs. In this case, the permissions on the specified hosts and all accounts of the hosts are revoked from the user. For more information about this parameter, see the Description of the Hosts parameter section of this topic.

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the host IDs and the [ListHostAccountsForUser](https://help.aliyun.com/document_detail/466581.html) operation to query the host account IDs.

This parameter is required.', example='[ {"HostId":"1"}, {"HostId":"2","HostAccountIds":["1","2","3"]}, {"HostId":"3","HostAccountIds":["4","5","6"]}, {"HostId":"4","HostAccountIds":["9","8","7"]} ]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to revoke permissions on the specified hosts and host accounts from the user.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to revoke permissions on the specified hosts and host accounts from the user.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user from whom you want to revoke permissions on the specified hosts and host accounts.

>  You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the user ID.

This parameter is required.', example='1'),
}

model DetachHostAccountsFromUserResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccounts?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether permissions on the specified host accounts were revoked from the user. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountId?: string(name='HostAccountId', description='The host account ID.', example='1'),
          message?: string(name='Message', description='This parameter is deprecated.'),
        }
      ](name='HostAccounts', description='The result of revoking permissions on the specified host accounts from the user.'),
      hostId?: string(name='HostId', description='The host ID.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.'),
      userId?: string(name='UserId', description='The user ID.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model DetachHostAccountsFromUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachHostAccountsFromUserResponseBody(name='body'),
}

/**
 * @summary Revokes permissions on hosts and host accounts from a user.
 *
 * @param request DetachHostAccountsFromUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachHostAccountsFromUserResponse
 */
async function detachHostAccountsFromUserWithOptions(request: DetachHostAccountsFromUserRequest, runtime: Util.RuntimeOptions): DetachHostAccountsFromUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hosts)) {
    query['Hosts'] = request.hosts;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachHostAccountsFromUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Revokes permissions on hosts and host accounts from a user.
 *
 * @param request DetachHostAccountsFromUserRequest
 * @return DetachHostAccountsFromUserResponse
 */
async function detachHostAccountsFromUser(request: DetachHostAccountsFromUserRequest): DetachHostAccountsFromUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachHostAccountsFromUserWithOptions(request, runtime);
}

model DetachHostAccountsFromUserGroupRequest {
  hosts?: string(name='Hosts', description='The IDs of the host and host account on which you want to revoke permissions from the user group.

You can specify up to 10 host IDs and up to 10 host account IDs for each host. You can specify only host IDs. In this case, the permissions on both the specified hosts and all host accounts of the hosts are revoked from the user group. For more information about this parameter, see the "Description of the Hosts parameter" section of this topic.

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host and the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the ID of the host account.

This parameter is required.', example='[ {"HostId":"1"}, {"HostId":"2","HostAccountIds":["1","2","3",...]}, {"HostId":"3","HostAccountIds":["4","5","6"]}, {"HostId":"4","HostAccountIds":["9","8","7"]} ]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to revoke permissions on the specified hosts and host accounts from the user group.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to revoke permissions on the specified hosts and host accounts from the user group.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group from which you want to revoke permissions on the specified hosts and host accounts.

>  You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='１'),
}

model DetachHostAccountsFromUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccounts?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether permissions on the specified host account were revoked from the user group. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='１'),
          message?: string(name='Message', description='This parameter is deprecated.'),
        }
      ](name='HostAccounts', description='The result of revoking permissions on the specified host accounts from the user group.'),
      hostId?: string(name='HostId', description='The ID of the host.', example='１'),
      message?: string(name='Message', description='This parameter is deprecated.'),
      userGroupId?: string(name='UserGroupId', description='The ID of the group.', example='１'),
    }
  ](name='Results', description='The result of the call.'),
}

model DetachHostAccountsFromUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachHostAccountsFromUserGroupResponseBody(name='body'),
}

/**
 * @summary Revokes the permissions on one or more hosts and host accounts from a user group.
 *
 * @param request DetachHostAccountsFromUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachHostAccountsFromUserGroupResponse
 */
async function detachHostAccountsFromUserGroupWithOptions(request: DetachHostAccountsFromUserGroupRequest, runtime: Util.RuntimeOptions): DetachHostAccountsFromUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hosts)) {
    query['Hosts'] = request.hosts;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachHostAccountsFromUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Revokes the permissions on one or more hosts and host accounts from a user group.
 *
 * @param request DetachHostAccountsFromUserGroupRequest
 * @return DetachHostAccountsFromUserGroupResponse
 */
async function detachHostAccountsFromUserGroup(request: DetachHostAccountsFromUserGroupRequest): DetachHostAccountsFromUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachHostAccountsFromUserGroupWithOptions(request, runtime);
}

model DetachHostGroupAccountsFromUserRequest {
  hostGroups?: string(name='HostGroups', description='The ID of the host group and the name of the host account on which you want to revoke permissions from the user. You can specify up to 10 host group IDs and up to 10 host account names for each host group. You can specify only host group IDs. In this case, the permissions on the specified host groups and all host accounts in the host groups are revoked from the user. For more information about this parameter, see the "Description of the HostGroups parameter" section of this topic.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group and the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the name of the host account.

This parameter is required.', example='[ {"HostGroupId":"1"}, {"HostGroupId":"2","HostAccountNames":["root","111","abc"]}]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to revoke permissions on the specified host groups and host accounts from the user.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to revoke permissions on the specified host groups and host accounts from the user.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user from which you want to revoke permissions on the specified host groups and host accounts.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model DetachHostGroupAccountsFromUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccountNames?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether permissions on the specified host account were revoked from the user. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='root'),
          message?: string(name='Message', description='This parameter is deprecated.', example='N/A'),
        }
      ](name='HostAccountNames', description='The result of revoking permissions on the specified host accounts from the user.'),
      hostGroupId?: string(name='HostGroupId', description='The ID of the host group.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.', example='N/A'),
      userId?: string(name='UserId', description='The ID of the user.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model DetachHostGroupAccountsFromUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachHostGroupAccountsFromUserResponseBody(name='body'),
}

/**
 * @summary Removes host groups and host accounts from the list of host groups and host accounts that a user is authorized to manage.
 *
 * @param request DetachHostGroupAccountsFromUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachHostGroupAccountsFromUserResponse
 */
async function detachHostGroupAccountsFromUserWithOptions(request: DetachHostGroupAccountsFromUserRequest, runtime: Util.RuntimeOptions): DetachHostGroupAccountsFromUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroups)) {
    query['HostGroups'] = request.hostGroups;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachHostGroupAccountsFromUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Removes host groups and host accounts from the list of host groups and host accounts that a user is authorized to manage.
 *
 * @param request DetachHostGroupAccountsFromUserRequest
 * @return DetachHostGroupAccountsFromUserResponse
 */
async function detachHostGroupAccountsFromUser(request: DetachHostGroupAccountsFromUserRequest): DetachHostGroupAccountsFromUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachHostGroupAccountsFromUserWithOptions(request, runtime);
}

model DetachHostGroupAccountsFromUserGroupRequest {
  hostGroups?: string(name='HostGroups', description='The ID of the host group and the name of host account on which you want to revoke permissions from the user group. You can specify up to 10 host group IDs and up to 10 host account names for each host group. You can specify only host group IDs. In this case, the permissions on the specified host groups and all host accounts in the host groups are revoked from the user group. For more information about this parameter, see the "Description of the HostGroups parameter" section of this topic.

>  You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group and the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the name of the host account.

This parameter is required.', example='[ {"HostGroupId":"1"}, {"HostGroupId":"2","HostAccountNames":["root","111","abc"]}, {"HostGroupId":"3","HostAccountNames":["root","111","abc"]}, {"HostGroupId":"4","HostAccountNames":["root","111","abc"]}]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to revoke permissions on the specified host groups and host accounts from the user group.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to revoke permissions on the specified host groups and host accounts from the user group.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group from which you want to revoke permissions on the specified host groups and host accounts.

>  You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model DetachHostGroupAccountsFromUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostAccountNames?: [ 
        {
          code?: string(name='Code', description='The return code that indicates whether permissions on the specified host account were revoked from the specified user group. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
          hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='root'),
          message?: string(name='Message', description='This parameter is deprecated.'),
        }
      ](name='HostAccountNames', description='The result of revoking permissions on the specified host accounts from the user group.'),
      hostGroupId?: string(name='HostGroupId', description='The ID of the host group.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.'),
      userGroupId?: string(name='UserGroupId', description='The ID of the group.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model DetachHostGroupAccountsFromUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachHostGroupAccountsFromUserGroupResponseBody(name='body'),
}

/**
 * @summary Revokes permissions on one or more host groups and host accounts from a user group.
 *
 * @description ****
 *
 * @param request DetachHostGroupAccountsFromUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachHostGroupAccountsFromUserGroupResponse
 */
async function detachHostGroupAccountsFromUserGroupWithOptions(request: DetachHostGroupAccountsFromUserGroupRequest, runtime: Util.RuntimeOptions): DetachHostGroupAccountsFromUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroups)) {
    query['HostGroups'] = request.hostGroups;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachHostGroupAccountsFromUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Revokes permissions on one or more host groups and host accounts from a user group.
 *
 * @description ****
 *
 * @param request DetachHostGroupAccountsFromUserGroupRequest
 * @return DetachHostGroupAccountsFromUserGroupResponse
 */
async function detachHostGroupAccountsFromUserGroup(request: DetachHostGroupAccountsFromUserGroupRequest): DetachHostGroupAccountsFromUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachHostGroupAccountsFromUserGroupWithOptions(request, runtime);
}

model DisableInstancePublicAccessRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose Internet access you want to disable.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.', example='cn-hangzhou'),
}

model DisableInstancePublicAccessResponseBody = {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose Internet access is disabled.', example='bastionhost-cn-78v1gh****'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='76FAAF15-D3A3-4099-9941-FC408D9FDB4C'),
}

model DisableInstancePublicAccessResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DisableInstancePublicAccessResponseBody(name='body'),
}

/**
 * @summary Disables Internet access for a bastion host.
 *
 * @param request DisableInstancePublicAccessRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DisableInstancePublicAccessResponse
 */
async function disableInstancePublicAccessWithOptions(request: DisableInstancePublicAccessRequest, runtime: Util.RuntimeOptions): DisableInstancePublicAccessResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DisableInstancePublicAccess',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Disables Internet access for a bastion host.
 *
 * @param request DisableInstancePublicAccessRequest
 * @return DisableInstancePublicAccessResponse
 */
async function disableInstancePublicAccess(request: DisableInstancePublicAccessRequest): DisableInstancePublicAccessResponse {
  var runtime = new Util.RuntimeOptions{};
  return disableInstancePublicAccessWithOptions(request, runtime);
}

model DisableRuleRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  ruleId?: string(name='RuleId', description='The ID of the authorization rule to be disabled.

>  You can call the [ListRules](https://help.aliyun.com/document_detail/2758868.html) operation to query the authorization rule ID to be disabled.

This parameter is required.', example='1'),
}

model DisableRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='98DBE5C2-7D7A-5393-9E5A-71074336D33B'),
}

model DisableRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DisableRuleResponseBody(name='body'),
}

/**
 * @summary Disables an authorization rule.
 *
 * @param request DisableRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DisableRuleResponse
 */
async function disableRuleWithOptions(request: DisableRuleRequest, runtime: Util.RuntimeOptions): DisableRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DisableRule',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Disables an authorization rule.
 *
 * @param request DisableRuleRequest
 * @return DisableRuleResponse
 */
async function disableRule(request: DisableRuleRequest): DisableRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return disableRuleWithOptions(request, runtime);
}

model EnableInstancePublicAccessRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.', example='cn-hangzhou'),
}

model EnableInstancePublicAccessResponseBody = {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose Internet access is enabled.', example='bastionhost-cn-78v1gh****'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='D47B5043-FDD6-4FBE-976E-5FC67A23578F'),
}

model EnableInstancePublicAccessResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: EnableInstancePublicAccessResponseBody(name='body'),
}

/**
 * @summary Enables Internet access for a bastion host.
 *
 * @param request EnableInstancePublicAccessRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return EnableInstancePublicAccessResponse
 */
async function enableInstancePublicAccessWithOptions(request: EnableInstancePublicAccessRequest, runtime: Util.RuntimeOptions): EnableInstancePublicAccessResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'EnableInstancePublicAccess',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Enables Internet access for a bastion host.
 *
 * @param request EnableInstancePublicAccessRequest
 * @return EnableInstancePublicAccessResponse
 */
async function enableInstancePublicAccess(request: EnableInstancePublicAccessRequest): EnableInstancePublicAccessResponse {
  var runtime = new Util.RuntimeOptions{};
  return enableInstancePublicAccessWithOptions(request, runtime);
}

model EnableRuleRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-78v1ghxxxxx'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  ruleId?: string(name='RuleId', description='The ID of the authorization rule that you want to enable.

>  You can call the [ListRules](https://help.aliyun.com/document_detail/2758868.html) operation to query the authorization rule ID.

This parameter is required.', example='3'),
}

model EnableRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='4F6C075F-FC86-476E-943B-097BD4E12948'),
}

model EnableRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: EnableRuleResponseBody(name='body'),
}

/**
 * @summary Enables an authorization rule.
 *
 * @param request EnableRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return EnableRuleResponse
 */
async function enableRuleWithOptions(request: EnableRuleRequest, runtime: Util.RuntimeOptions): EnableRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'EnableRule',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Enables an authorization rule.
 *
 * @param request EnableRuleRequest
 * @return EnableRuleResponse
 */
async function enableRule(request: EnableRuleRequest): EnableRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return enableRuleWithOptions(request, runtime);
}

model GenerateAssetOperationTokenRequest {
  assetAccountId?: string(name='AssetAccountId', description='The ID of the account whose assets the O\\\\&M token takes effect.

>  You must specify at least one of the following parameters: AssetAccountId and AssetAccountName. If you specify both parameters, AssetAccountId takes precedence.', example='2'),
  assetAccountName?: string(name='AssetAccountName', description='The name of the host account. If you use a custom account, enter a real account name.

>  When both AssetAccountId and AssetAccountName are specified, AssetAccountId takes precedence.', example='root'),
  assetAccountPassword?: string(name='AssetAccountPassword', description='The Base64-encoded password. This parameter is required if you want to apply for an O\\\\&M token for a custom account.', example='dGVzdHBhc3N3b3Jk'),
  assetAccountProtocolName?: string(name='AssetAccountProtocolName', description='The name of the protocol. Valid values:

*   SSH
*   RDP
*   Oracle
*   PostgreSQL
*   MySQL
*   SQLServer', example='SSH'),
  assetId?: string(name='AssetId', description='The ID of the asset for which you want to apply for an O\\\\&M token.

This parameter is required.', example='11'),
  assetType?: string(name='AssetType', description='The type of the asset for which you want to apply for an O\\\\&M token. Valid values:

*   **Host**
*   **Database**

This parameter is required.', example='Host'),
  databaseSchema?: string(name='DatabaseSchema', description='The name of the database. If you set OperationMode to Sso and AssetAccountProtocolName to PostgreSQL or Oracle and you select Custom Account for the Database Account parameter, you must specify this parameter.

>This parameter is available only for bastion hosts that run V3.2.44 or later.', example='orcl'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to apply an O\\\\&M token.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  loginAttribute?: string(name='LoginAttribute', description='The logon attribute. If you set OperationMode to Sso and AssetAccountProtocolName to Oracle, you must specify this parameter. Valid values:

*   **SERVICENAME**
*   **SID**

>  This parameter is available only for bastion hosts that run V3.2.44 or later.', example='SID'),
  operationMode?: string(name='OperationMode', description='The O\\\\&M logon method. Valid values:

*   **WebToken**: O\\\\&M token-based logon.
*   **Sso**: Local client-based logon.

>  This parameter is available only for bastion hosts that run V3.2.44 or later. If you do not specify this parameter, the default value WebToken is used.', example='Sso'),
  operationNote?: string(name='OperationNote'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  ssoClient?: string(name='SsoClient', description='The type of the local client that you want to perform O\\\\&M operations on Linux assets. If you set OperationMode to Sso and AssetAccountProtocolName to SSH, you must specify this parameter. Valid values:

*   **ssh**: Perform O\\\\&M operations on Linux assets by connecting to a bastion host from an SSH client.
*   **sftp**: Perform O\\\\&M operations on Linux assets by connecting to a bastion host from a Secure File Transfer Protocol (SFTP) client.

>  This parameter is available only for bastion hosts that run V3.2.44 or later.', example='ssh'),
}

model GenerateAssetOperationTokenResponseBody = {
  assetOperationToken?: {
    countLeft?: long(name='CountLeft', description='The remaining number of times that you can use the O\\\\&M token.', example='1'),
    expireTime?: long(name='ExpireTime', description='The time when the O\\\\&M token expires. The value is a UNIX timestamp.', example='1709110797'),
    hasCountLimit?: boolean(name='HasCountLimit', description='Indicates whether the number of times that you can use the O\\\\&M token is limited.', example='true'),
    maxRenewCount?: long(name='MaxRenewCount', description='The maximum number of renewals. A value of 0 indicates that renewal is not supported.', example='10'),
    renewCount?: long(name='RenewCount', description='The number of times the O\\\\&M token is renewed.', example='1'),
    ssoUrl?: string(name='SsoUrl', description='The single sign-on (SSO) URL.', example='sso://eyJOT0RFX0NPTU1PTiI6eyJNb2R******'),
    token?: string(name='Token', description='The O\\\\&M token that you apply for.', example='NmYyMmEzNmMwYzljNGY******'),
    tokenId?: string(name='TokenId', description='The ID of the O\\\\&M token.', example='1'),
  }(name='AssetOperationToken', description='The data returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model GenerateAssetOperationTokenResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GenerateAssetOperationTokenResponseBody(name='body'),
}

/**
 * @summary Applies for an O\\&M token.
 *
 * @param request GenerateAssetOperationTokenRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GenerateAssetOperationTokenResponse
 */
async function generateAssetOperationTokenWithOptions(request: GenerateAssetOperationTokenRequest, runtime: Util.RuntimeOptions): GenerateAssetOperationTokenResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.assetAccountId)) {
    query['AssetAccountId'] = request.assetAccountId;
  }
  if (!Util.isUnset(request.assetAccountName)) {
    query['AssetAccountName'] = request.assetAccountName;
  }
  if (!Util.isUnset(request.assetAccountPassword)) {
    query['AssetAccountPassword'] = request.assetAccountPassword;
  }
  if (!Util.isUnset(request.assetAccountProtocolName)) {
    query['AssetAccountProtocolName'] = request.assetAccountProtocolName;
  }
  if (!Util.isUnset(request.assetId)) {
    query['AssetId'] = request.assetId;
  }
  if (!Util.isUnset(request.assetType)) {
    query['AssetType'] = request.assetType;
  }
  if (!Util.isUnset(request.databaseSchema)) {
    query['DatabaseSchema'] = request.databaseSchema;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.loginAttribute)) {
    query['LoginAttribute'] = request.loginAttribute;
  }
  if (!Util.isUnset(request.operationMode)) {
    query['OperationMode'] = request.operationMode;
  }
  if (!Util.isUnset(request.operationNote)) {
    query['OperationNote'] = request.operationNote;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ssoClient)) {
    query['SsoClient'] = request.ssoClient;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GenerateAssetOperationToken',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Applies for an O\\&M token.
 *
 * @param request GenerateAssetOperationTokenRequest
 * @return GenerateAssetOperationTokenResponse
 */
async function generateAssetOperationToken(request: GenerateAssetOperationTokenRequest): GenerateAssetOperationTokenResponse {
  var runtime = new Util.RuntimeOptions{};
  return generateAssetOperationTokenWithOptions(request, runtime);
}

model GetDatabaseRequest {
  databaseId?: string(name='DatabaseId', description='The ID of the database to query.

>  You can call the [ListDatabases](https://help.aliyun.com/document_detail/2758822.html) operation to query the database ID.

This parameter is required.', example='21'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host that manages the database to query.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-wwo36qbv601'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host that manages the database to query.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetDatabaseResponseBody = {
  database?: {
    activeAddressType?: string(name='ActiveAddressType', description='The address type of the database. Valid values:

*   Public
*   Private', example='Public'),
    comment?: string(name='Comment', description='The remarks of the database.', example='comment'),
    databaseId?: string(name='DatabaseId', description='The database ID.', example='22'),
    databaseName?: string(name='DatabaseName', description='The name of the database.', example='test'),
    databasePort?: long(name='DatabasePort', description='The port of the database.', example='3306'),
    databasePrivateAddress?: string(name='DatabasePrivateAddress', description='The internal endpoint of the database.', example='rm-bp1zq******'),
    databasePublicAddress?: string(name='DatabasePublicAddress', description='The public endpoint of the database.', example='rm-uf65******'),
    databaseType?: string(name='DatabaseType', description='The database engine. Valid values:

*   **mysql**
*   **sqlserver**
*   **postgresql**
*   **oracle**', example='MySQL'),
    networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to which the database belongs.', example='45'),
    source?: string(name='Source', description='The database type. Valid values:

*   **Local**: on-premises database.
*   **Rds**: ApsaraDB RDS instance.
*   **PolarDB**: PolarDB cluster.', example='Local'),
    sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ApsaraDB RDS instance or PolarDB cluster.

> If **Source** is set to **Local**, this parameter is empty.', example='i-wz9527ob0e0nftcsffke'),
    sourceInstanceRegionId?: string(name='SourceInstanceRegionId', description='The region ID of the ApsaraDB RDS instance or PolarDB cluster.', example='cn-hangzhou'),
    sourceInstanceState?: string(name='SourceInstanceState', description='The status of the database. Valid values:

*   **Normal**
*   **Release**', example='Normal'),
  }(name='Database', description='The returned detailed information about the database.'),
  requestId?: string(name='RequestId', description='The request ID.', example='4D72B883-9D15-5B05-B987-DFD10EB1FFB4'),
}

model GetDatabaseResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetDatabaseResponseBody(name='body'),
}

/**
 * @summary Queries the detailed information about a database.
 *
 * @param request GetDatabaseRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetDatabaseResponse
 */
async function getDatabaseWithOptions(request: GetDatabaseRequest, runtime: Util.RuntimeOptions): GetDatabaseResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetDatabase',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the detailed information about a database.
 *
 * @param request GetDatabaseRequest
 * @return GetDatabaseResponse
 */
async function getDatabase(request: GetDatabaseRequest): GetDatabaseResponse {
  var runtime = new Util.RuntimeOptions{};
  return getDatabaseWithOptions(request, runtime);
}

model GetDatabaseAccountRequest {
  databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account to query.

>  You can call the [ListDatabaseAccounts](https://help.aliyun.com/document_detail/2758839.html) operation to query the database account ID.

This parameter is required.', example='9'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.
> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-i7m2d7zrw11'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.
> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-beijing'),
}

model GetDatabaseAccountResponseBody = {
  databaseAccount?: {
    databaseAccountId?: string(name='DatabaseAccountId', description='The database account ID.', example='9'),
    databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account.', example='uac'),
    databaseSchema?: string(name='DatabaseSchema', description='The database name. A value is returned for this parameter if the database engine is PostgreSQL or Oracle.', example='orcl'),
    hasPassword?: boolean(name='HasPassword', description='Indicates whether the database account has a password.
Valid values:
* true
* false', example='true'),
    loginAttribute?: string(name='LoginAttribute', description='The logon attribute. A value is returned for this parameter if the database engine is Oracle. Valid values:

*   SERVICENAME
*   SID', example='SID'),
  }(name='DatabaseAccount', description='The returned information about the database account.'),
  requestId?: string(name='RequestId', description='The request ID.', example='FA06D274-8D0A-59FB-8B7E-584C0EEBBFFF'),
}

model GetDatabaseAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetDatabaseAccountResponseBody(name='body'),
}

/**
 * @summary Queries the detailed information about a database account.
 *
 * @param request GetDatabaseAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetDatabaseAccountResponse
 */
async function getDatabaseAccountWithOptions(request: GetDatabaseAccountRequest, runtime: Util.RuntimeOptions): GetDatabaseAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountId)) {
    query['DatabaseAccountId'] = request.databaseAccountId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetDatabaseAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the detailed information about a database account.
 *
 * @param request GetDatabaseAccountRequest
 * @return GetDatabaseAccountResponse
 */
async function getDatabaseAccount(request: GetDatabaseAccountRequest): GetDatabaseAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return getDatabaseAccountWithOptions(request, runtime);
}

model GetExportConfigJobRequest {
  instanceId?: string(name='InstanceId', description='This parameter is required.', example='bastionhost-cn-st220aw****'),
  jobId?: string(name='JobId', description='This parameter is required.', example='2'),
  regionId?: string(name='RegionId', example='cn-hangzhou'),
}

model GetExportConfigJobResponseBody = {
  downloadUrl?: string(name='DownloadUrl', example='https://bastionhost-cn-hangzhou-164***.oss-cn-hangzhou.aliyuncs.com/bastionhost-cn-2******'),
  expireTime?: long(name='ExpireTime', example='1679393152'),
  jobId?: string(name='JobId', example='2'),
  message?: string(name='Message', example='message'),
  requestId?: string(name='RequestId', example='98DBE5C2-7D7A-5393-9E5A-71074336D33B'),
  status?: string(name='Status', example='Success'),
}

model GetExportConfigJobResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetExportConfigJobResponseBody(name='body'),
}

/**
 * @param request GetExportConfigJobRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetExportConfigJobResponse
 */
async function getExportConfigJobWithOptions(request: GetExportConfigJobRequest, runtime: Util.RuntimeOptions): GetExportConfigJobResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.jobId)) {
    query['JobId'] = request.jobId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetExportConfigJob',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @param request GetExportConfigJobRequest
 * @return GetExportConfigJobResponse
 */
async function getExportConfigJob(request: GetExportConfigJobRequest): GetExportConfigJobResponse {
  var runtime = new Util.RuntimeOptions{};
  return getExportConfigJobWithOptions(request, runtime);
}

model GetHostRequest {
  hostId?: string(name='HostId', description='The ID of the host that you want to query. You can specify only one host ID.

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to query the host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to query the host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetHostResponseBody = {
  host?: {
    activeAddressType?: string(name='ActiveAddressType', description='The address type of the host. Valid values:

*   **Public**: a public address
*   **Private**: a private address', example='Public'),
    comment?: string(name='Comment', description='The description of the host.', example='host'),
    hostId?: string(name='HostId', description='The ID of the host.', example='1'),
    hostName?: string(name='HostName', description='The hostname.', example='host'),
    hostPrivateAddress?: string(name='HostPrivateAddress', description='The internal endpoint of the host. The value is a domain name or an IP address.', example='192.168.XX.XX'),
    hostPublicAddress?: string(name='HostPublicAddress', description='The public address of the host. The value is a domain name or an IP address.', example='1.1.XX.XX'),
    networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to which the host belongs.', example='1'),
    OSType?: string(name='OSType', description='The operating system of the host. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
    prefKex?: string(name='PrefKex'),
    protocols?: [ 
      {
        hostFingerPrint?: string(name='HostFingerPrint', description='The fingerprint of the host. This parameter uniquely identifies a host. A value is returned for this parameter only if you have performed O\\\\&M operations on the host by using the bastion host. Otherwise, no value is returned.', example='ssh-ed25519|3e:46:5a:e1:1f:0d:39:7e:61:35:d5:fa:7b:2b:**:**'),
        port?: int32(name='Port', description='The service port of the host.', example='22'),
        protocolName?: string(name='ProtocolName', description='The protocol that is used to connect to the host. Valid values:

*   **SSH**
*   **RDP**', example='SSH'),
      }
    ](name='Protocols', description='The protocol information about the host.'),
    source?: string(name='Source', description='The source of the host. Valid values:

*   **Local**: a host in a data center
*   **Ecs**: an Elastic Compute Service (ECS) instance
*   **Rds**: a host in an ApsaraDB MyBase dedicated cluster', example='Local'),
    sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ECS instance or the host in an ApsaraDB MyBase dedicated cluster.

>  If **Local** is returned for the **Source** parameter, no value is returned for this parameter.', example='i-bp19ienyt0yax748****'),
    sourceInstanceState?: string(name='SourceInstanceState', description='The status of the host. Valid values:

*   **Normal**: normal
*   **Release**: released', example='Normal'),
  }(name='Host', description='The returned information about the host.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model GetHostResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetHostResponseBody(name='body'),
}

/**
 * @summary Queries the details of a host, such as the name, source, address, protocol, and service port of the host.
 *
 * @param request GetHostRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetHostResponse
 */
async function getHostWithOptions(request: GetHostRequest, runtime: Util.RuntimeOptions): GetHostResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetHost',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the details of a host, such as the name, source, address, protocol, and service port of the host.
 *
 * @param request GetHostRequest
 * @return GetHostResponse
 */
async function getHost(request: GetHostRequest): GetHostResponse {
  var runtime = new Util.RuntimeOptions{};
  return getHostWithOptions(request, runtime);
}

model GetHostAccountRequest {
  hostAccountId?: string(name='HostAccountId', description='The ID of the host account that you want to query.

> You can call the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the ID of the host account.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to query the details of the host account.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to query the details of the host account.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetHostAccountResponseBody = {
  hostAccount?: {
    hasPassword?: boolean(name='HasPassword', description='Indicates whether a password is configured for the host account. Valid values:

*   **true**: yes
*   **false**: no', example='true'),
    hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='1'),
    hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='abc'),
    hostId?: string(name='HostId', description='The ID of the host to which the host account belongs.', example='1'),
    hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key.', example='1'),
    hostShareKeyName?: string(name='HostShareKeyName', description='The name of the shared key.', example='name'),
    privateKeyFingerprint?: string(name='PrivateKeyFingerprint', description='The fingerprint of the private key.', example='fe:ca:37:42:30:00:9d:95:e6:73:e5:b0:32:0a:**:**'),
    protocolName?: string(name='ProtocolName', description='The protocol that is used by the host. Valid values:

*   **SSH**
*   **RDP**', example='SSH'),
  }(name='HostAccount', description='The details of the host account that was queried.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model GetHostAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetHostAccountResponseBody(name='body'),
}

/**
 * @summary Queries the details of a specified host account.
 *
 * @param request GetHostAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetHostAccountResponse
 */
async function getHostAccountWithOptions(request: GetHostAccountRequest, runtime: Util.RuntimeOptions): GetHostAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountId)) {
    query['HostAccountId'] = request.hostAccountId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetHostAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the details of a specified host account.
 *
 * @param request GetHostAccountRequest
 * @return GetHostAccountResponse
 */
async function getHostAccount(request: GetHostAccountRequest): GetHostAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return getHostAccountWithOptions(request, runtime);
}

model GetHostGroupRequest {
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group to query.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the asset group ID.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose asset group you want to query.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose asset group you want to query.

> For more information about the mapping between region IDs and region names, [see Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetHostGroupResponseBody = {
  hostGroup?: {
    comment?: string(name='Comment', description='The remarks of the asset group.', example='Description'),
    hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='1'),
    hostGroupName?: string(name='HostGroupName', description='The name of the asset group.', example='Host group 1'),
  }(name='HostGroup', description='The returned detailed information about the asset group.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model GetHostGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetHostGroupResponseBody(name='body'),
}

/**
 * @summary Queries the details of a specified host group.
 *
 * @param request GetHostGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetHostGroupResponse
 */
async function getHostGroupWithOptions(request: GetHostGroupRequest, runtime: Util.RuntimeOptions): GetHostGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetHostGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the details of a specified host group.
 *
 * @param request GetHostGroupRequest
 * @return GetHostGroupResponse
 */
async function getHostGroup(request: GetHostGroupRequest): GetHostGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return getHostGroupWithOptions(request, runtime);
}

model GetHostShareKeyRequest {
  hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key whose information you want to query.

>  You can call the [ListHostShareKeys](https://help.aliyun.com/document_detail/462973.html) operation to query the shared key ID.

This parameter is required.', example='10427'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetHostShareKeyResponseBody = {
  hostShareKey?: {
    hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key.', example='10427'),
    hostShareKeyName?: string(name='HostShareKeyName', description='The name of the shared key.', example='name'),
    lastModifyKeyAt?: long(name='LastModifyKeyAt', description='The time when the information about the shared key was last modified. The value is a UNIX timestamp. Unit: seconds.', example='1644287246'),
    privateKeyFingerPrint?: string(name='PrivateKeyFingerPrint', description='The fingerprint of the private key.', example='***'),
  }(name='HostShareKey', description='The returned information about the shared key.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model GetHostShareKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetHostShareKeyResponseBody(name='body'),
}

/**
 * @summary Queries the information about a shared key.
 *
 * @param request GetHostShareKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetHostShareKeyResponse
 */
async function getHostShareKeyWithOptions(request: GetHostShareKeyRequest, runtime: Util.RuntimeOptions): GetHostShareKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetHostShareKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the information about a shared key.
 *
 * @param request GetHostShareKeyRequest
 * @return GetHostShareKeyResponse
 */
async function getHostShareKey(request: GetHostShareKeyRequest): GetHostShareKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return getHostShareKeyWithOptions(request, runtime);
}

model GetInstanceADAuthServerRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetInstanceADAuthServerResponseBody = {
  AD?: {
    account?: string(name='Account', description='The distinguished name (DN) of the AD server account.', example='cn=Manager,dc=test,dc=com'),
    baseDN?: string(name='BaseDN', description='The Base DN of the AD server.', example='dc=test,dc=com'),
    domain?: string(name='Domain', description='The domain on the AD server.', example='domain'),
    emailMapping?: string(name='EmailMapping', description='The field that is used to indicate the email address of a user on the AD server.', example='emailAttr'),
    filter?: string(name='Filter', description='The condition that is used to filter users.', example='(&(objectClass=top))'),
    hasPassword?: boolean(name='HasPassword', description='Indicates whether passwords are required. Valid values:

*   **true**:
*   **false**', example='true'),
    isSSL?: boolean(name='IsSSL', description='Indicates whether SSL is supported. Valid values:

*   **true**
*   **false**', example='true'),
    mobileMapping?: string(name='MobileMapping', description='The field that is used to indicate the mobile phone number of a user on the AD server.', example='mobileAttr'),
    nameMapping?: string(name='NameMapping', description='The field that is used to indicate the name of a user on the AD server.', example='nameAttr'),
    port?: long(name='Port', description='The port that is used to access the AD server.', example='389'),
    server?: string(name='Server', description='The address of the AD server.', example='192.168.XX.XX'),
    standbyServer?: string(name='StandbyServer', description='The address of the secondary AD server.', example='192.168.XX.XX'),
  }(name='AD', description='The settings of AD authentication.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='89398CFB-4EB6-4C7E-BB3C-EF213AC8FA50'),
}

model GetInstanceADAuthServerResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetInstanceADAuthServerResponseBody(name='body'),
}

/**
 * @summary Queries the settings of Active Directory (AD) authentication on a bastion host.
 *
 * @description ###
 * You can call this operation to query the settings of AD authentication on a bastion host. After you configure AD authentication on a bastion host, you can import AD-authenticated users into the bastion host. After the AD-authenticated users are imported into the bastion host, the AD-authenticated users can log on to the bastion host to perform O\\&M operations on servers.
 * ### Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request GetInstanceADAuthServerRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetInstanceADAuthServerResponse
 */
async function getInstanceADAuthServerWithOptions(request: GetInstanceADAuthServerRequest, runtime: Util.RuntimeOptions): GetInstanceADAuthServerResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetInstanceADAuthServer',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the settings of Active Directory (AD) authentication on a bastion host.
 *
 * @description ###
 * You can call this operation to query the settings of AD authentication on a bastion host. After you configure AD authentication on a bastion host, you can import AD-authenticated users into the bastion host. After the AD-authenticated users are imported into the bastion host, the AD-authenticated users can log on to the bastion host to perform O\\&M operations on servers.
 * ### Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request GetInstanceADAuthServerRequest
 * @return GetInstanceADAuthServerResponse
 */
async function getInstanceADAuthServer(request: GetInstanceADAuthServerRequest): GetInstanceADAuthServerResponse {
  var runtime = new Util.RuntimeOptions{};
  return getInstanceADAuthServerWithOptions(request, runtime);
}

model GetInstanceLDAPAuthServerRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetInstanceLDAPAuthServerResponseBody = {
  LDAP?: {
    account?: string(name='Account', description='The account of the LDAP server.', example='cn=Manager,dc=test,dc=com'),
    baseDN?: string(name='BaseDN', description='The Base distinguished name (DN).', example='dc=test,dc=com'),
    emailMapping?: string(name='EmailMapping', description='The field that is used to indicate the email address of a user on the LDAP server.', example='emailAttr'),
    filter?: string(name='Filter', description='The condition that is used to filter users.', example='(&(objectClass=top))'),
    hasPassword?: string(name='HasPassword', description='Indicates whether passwords are required. Valid values:

*   **true**: required
*   **false**: not required', example='true'),
    isSSL?: boolean(name='IsSSL', description='Indicates whether SSL is supported. Valid values:

*   **true**: supported
*   **false**: not supported', example='true'),
    loginNameMapping?: string(name='LoginNameMapping', description='The field that is used to indicate the logon name of a user on the LDAP server.', example='userNameAttr'),
    mobileMapping?: string(name='MobileMapping', description='The field that is used to indicate the mobile phone number of a user on the LDAP server.', example='mobileAttr'),
    nameMapping?: string(name='NameMapping', description='The field that is used to indicate the name of a user on the LDAP server.', example='nameAttr'),
    port?: long(name='Port', description='The port that is used to access the LDAP server.', example='389'),
    server?: string(name='Server', description='The address of the LDAP server.', example='192.168.XX.XX'),
    standbyServer?: string(name='StandbyServer', description='The address of the secondary LDAP server.', example='192.168.XX.XX'),
  }(name='LDAP', description='The settings of LDAP authentication.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='1C60E741-102D-5E8F-9710-B06D3F0183FE'),
}

model GetInstanceLDAPAuthServerResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetInstanceLDAPAuthServerResponseBody(name='body'),
}

/**
 * @summary Queries the settings of Lightweight Directory Access Protocol (LDAP) authentication on a bastion host.
 *
 * @param request GetInstanceLDAPAuthServerRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetInstanceLDAPAuthServerResponse
 */
async function getInstanceLDAPAuthServerWithOptions(request: GetInstanceLDAPAuthServerRequest, runtime: Util.RuntimeOptions): GetInstanceLDAPAuthServerResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetInstanceLDAPAuthServer',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the settings of Lightweight Directory Access Protocol (LDAP) authentication on a bastion host.
 *
 * @param request GetInstanceLDAPAuthServerRequest
 * @return GetInstanceLDAPAuthServerResponse
 */
async function getInstanceLDAPAuthServer(request: GetInstanceLDAPAuthServerRequest): GetInstanceLDAPAuthServerResponse {
  var runtime = new Util.RuntimeOptions{};
  return getInstanceLDAPAuthServerWithOptions(request, runtime);
}

model GetInstanceStoreInfoRequest {
  instanceId?: string(name='InstanceId', description='This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', example='cn-hangzhou'),
}

model GetInstanceStoreInfoResponseBody = {
  max?: long(name='Max', example='102400'),
  requestId?: string(name='RequestId', example='5EAB922E-F476-5DFA-9290-313C608E724B'),
  usage?: long(name='Usage', example='1024'),
}

model GetInstanceStoreInfoResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetInstanceStoreInfoResponseBody(name='body'),
}

/**
 * @param request GetInstanceStoreInfoRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetInstanceStoreInfoResponse
 */
async function getInstanceStoreInfoWithOptions(request: GetInstanceStoreInfoRequest, runtime: Util.RuntimeOptions): GetInstanceStoreInfoResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetInstanceStoreInfo',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @param request GetInstanceStoreInfoRequest
 * @return GetInstanceStoreInfoResponse
 */
async function getInstanceStoreInfo(request: GetInstanceStoreInfoRequest): GetInstanceStoreInfoResponse {
  var runtime = new Util.RuntimeOptions{};
  return getInstanceStoreInfoWithOptions(request, runtime);
}

model GetInstanceTwoFactorRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetInstanceTwoFactorResponseBody = {
  config?: {
    enableTwoFactor?: boolean(name='EnableTwoFactor', description='Indicates whether two-factor authentication is enabled. Valid values:

*   **true**
*   **false**', example='true'),
    skipTwoFactorTime?: long(name='SkipTwoFactorTime', description='The duration within which two-factor authentication is not required after a local user passes two-factor authentication. Valid values: `0 to 168`. Unit: hours.

> If 0 is returned, a local user must pass two-factor authentication every time the local user logs on to the bastion host.', example='1'),
    twoFactorMethods?: [ string ](name='TwoFactorMethods', description='The two-factor authentication methods.'),
  }(name='Config', description='The settings of two-factor authentication.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model GetInstanceTwoFactorResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetInstanceTwoFactorResponseBody(name='body'),
}

/**
 * @summary Queries the settings of two-factor authentication on a bastion host.
 *
 * @description You can call this operation to query the settings of two-factor authentication on a bastion host. After you enable two-factor authentication, Bastionhost sends a verification code to a local user when the local user logs on to a bastion host. A local user can log on to the bastion host only when the local user enters the valid username and password and the verification code. This reduces the security risks caused by account information leaks.
 * ### Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request GetInstanceTwoFactorRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetInstanceTwoFactorResponse
 */
async function getInstanceTwoFactorWithOptions(request: GetInstanceTwoFactorRequest, runtime: Util.RuntimeOptions): GetInstanceTwoFactorResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetInstanceTwoFactor',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the settings of two-factor authentication on a bastion host.
 *
 * @description You can call this operation to query the settings of two-factor authentication on a bastion host. After you enable two-factor authentication, Bastionhost sends a verification code to a local user when the local user logs on to a bastion host. A local user can log on to the bastion host only when the local user enters the valid username and password and the verification code. This reduces the security risks caused by account information leaks.
 * ### Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request GetInstanceTwoFactorRequest
 * @return GetInstanceTwoFactorResponse
 */
async function getInstanceTwoFactor(request: GetInstanceTwoFactorRequest): GetInstanceTwoFactorResponse {
  var runtime = new Util.RuntimeOptions{};
  return getInstanceTwoFactorWithOptions(request, runtime);
}

model GetNetworkDomainRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.
> You can call the [DescribeInstances ](https://help.aliyun.com/document_detail/153281.html)operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-i7m2btk6g48'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to query.
> You can call the [ListNetworkDomains ](https://help.aliyun.com/document_detail/2758827.html)operation to query the network domain ID.

This parameter is required.', example='3'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetNetworkDomainResponseBody = {
  networkDomain?: {
    comment?: string(name='Comment', description='The remarks of the network domain.', example='comment'),
    default?: boolean(name='Default', description='Indicates whether the network domain is a built-in network domain.

* **true**
* **false**', example='false'),
    networkDomainId?: string(name='NetworkDomainId', description='The network domain ID.', example='2'),
    networkDomainName?: string(name='NetworkDomainName', description='The name of the network domain.', example='SSH Proxy'),
    networkDomainType?: string(name='NetworkDomainType', description='The connection mode of the network domain. Valid values:

* Direct
* Proxy', example='Proxy'),
    proxies?: [ 
      {
        address?: string(name='Address', description='The IP address of the proxy server.', example='``47.102.**.**``'),
        hasPassword?: boolean(name='HasPassword', description='Indicates whether the proxy server has a password. Valid values:

- **true**
- **false**', example='true'),
        nodeType?: string(name='NodeType', description='The node type of the proxy server. Valid values:
- **Master**: primary proxy server.
- **Slave**: secondary proxy server.', example='Master'),
        port?: int32(name='Port', description='The port of the proxy server.', example='22'),
        proxyState?: string(name='ProxyState', description='The status of the proxy server.

- **Available**
- **Unavailable**', example='Unavailable'),
        proxyStateErrorCode?: string(name='ProxyStateErrorCode', description='The error code that indicates the status of the proxy server.

- **CHECK_PWD_FAILED**: The password is invalid.
- **CHECK_PWD_TIMEOUT**: The password verification session timed out.
- **CHECK_PWD_NETWORK_ERR**: A network error occurred.
- **UNEXPECTED**: An unknown error occurred.', example='CHECK_PWD_TIMEOUT'),
        proxyType?: string(name='ProxyType', description='The proxy type. Valid values:

- **SSHProxy**
- **HTTPProxy**
- **Socks5Proxy**', example='HTTPProxy'),
        user?: string(name='User', description='The username of the proxy server.', example='root'),
      }
    ](name='Proxies', description='The information about the proxy servers.'),
  }(name='NetworkDomain', description='The detailed information about the network domain.'),
  requestId?: string(name='RequestId', description='The request ID.', example='05F59944-2E24-595C-B21A-8C9955E60FAF'),
}

model GetNetworkDomainResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetNetworkDomainResponseBody(name='body'),
}

/**
 * @summary Queries the detailed information about a network domain.
 *
 * @param request GetNetworkDomainRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetNetworkDomainResponse
 */
async function getNetworkDomainWithOptions(request: GetNetworkDomainRequest, runtime: Util.RuntimeOptions): GetNetworkDomainResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetNetworkDomain',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the detailed information about a network domain.
 *
 * @param request GetNetworkDomainRequest
 * @return GetNetworkDomainResponse
 */
async function getNetworkDomain(request: GetNetworkDomainRequest): GetNetworkDomainResponse {
  var runtime = new Util.RuntimeOptions{};
  return getNetworkDomainWithOptions(request, runtime);
}

model GetPolicyRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the control policy to query belongs.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-zvp2d3syb0g'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to query.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='3'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the control policy to query belongs.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetPolicyResponseBody = {
  policy?: {
    accessTimeRangeConfig?: {
      effectiveTime?: [ 
        {
          days?: [ string ](name='Days', description='The days of a week on which logons are allowed.'),
          hours?: [ string ](name='Hours', description='The time periods during which logons are allowed.'),
        }
      ](name='EffectiveTime', description='The details of the periods during which logons are allowed.'),
    }(name='AccessTimeRangeConfig', description='The details of the logon period restrictions.'),
    approvalConfig?: {
      switchStatus?: string(name='SwitchStatus', description='Indicates whether O\\\\&M approval is enabled in the control policy. Valid values:

*   **On**: O\\\\&M approval is enabled.
*   **Off**: O\\\\&M approval is disabled.', example='Off'),
    }(name='ApprovalConfig', description='The O\\\\&M approval setting.'),
    commandConfig?: {
      approval?: {
        commands?: [ string ](name='Commands', description='An array of commands that can be run only after approval.'),
      }(name='Approval', description='The details of the command approval settings.'),
      deny?: {
        aclType?: string(name='AclType', description='The type of command control. Valid values:

*   white: whitelist mode.
*   black: blacklist mode.', example='black'),
        commands?: [ string ](name='Commands', description='An array of controlled commands.'),
      }(name='Deny', description='The details of the command control setting.'),
    }(name='CommandConfig', description='The details of the command policy.'),
    comment?: string(name='Comment', description='The description of the control policy.', example='comment'),
    IPAclConfig?: {
      aclType?: string(name='AclType', description='The mode of access control on source IP addresses. Valid values:

*   white: whitelist mode.
*   black: blacklist mode.', example='black'),
      IPs?: [ string ](name='IPs', description='The IP addresses from which logons are not allowed.'),
    }(name='IPAclConfig', description='The access control settings on source IP addresses.'),
    policyId?: string(name='PolicyId', description='The ID of the control policy.', example='3'),
    policyName?: string(name='PolicyName', description='The name of the control policy.', example='test'),
    priority?: long(name='Priority', description='The priority of the control policy. A smaller value indicates a higher priority.', example='1'),
    protocolConfig?: {
      RDP?: {
        clipboardDownload?: string(name='ClipboardDownload', description='Indicates whether downloading from the clipboard is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
        clipboardUpload?: string(name='ClipboardUpload', description='Indicates whether file uploading from the clipboard is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
        diskRedirection?: string(name='DiskRedirection', description='Indicates whether driver mapping is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
        recordKeyboard?: string(name='RecordKeyboard', description='Indicates whether keyboard recording is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
      }(name='RDP', description='The configuration details of Remote Desktop Protocol (RDP) options.'),
      SSH?: {
        execCommand?: string(name='ExecCommand', description='Indicates whether remote command execution is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
        SFTPChannel?: string(name='SFTPChannel', description='Indicates whether the SFTP channel option is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
        SFTPDownloadFile?: string(name='SFTPDownloadFile', description='Indicates whether file downloading is enabled in SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable', example='Enable'),
        SFTPMkdir?: string(name='SFTPMkdir', description='Indicates whether folder creation is enabled in SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable', example='Enable'),
        SFTPRemoveFile?: string(name='SFTPRemoveFile', description='Indicates whether file deletion is enabled in SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable', example='Enable'),
        SFTPRenameFile?: string(name='SFTPRenameFile', description='Indicates whether file renaming is enabled in SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable', example='Enable'),
        SFTPRmdir?: string(name='SFTPRmdir', description='Indicates whether folder deletion is enabled in SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable', example='Enable'),
        SFTPUploadFile?: string(name='SFTPUploadFile', description='Indicates whether file uploading is enabled in SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable', example='Enable'),
        SSHChannel?: string(name='SSHChannel', description='Indicates whether the SSH channel option is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
        x11Forwarding?: string(name='X11Forwarding', description='Indicates whether X11 forwarding is enabled. Valid values:

*   Enable
*   Disable', example='Enable'),
      }(name='SSH', description='The configuration details of SSH and SSH File Transfer Protocol (SFTP) options.'),
    }(name='ProtocolConfig', description='The details of protocol control.'),
  }(name='Policy', description='The details of the control policy.'),
  requestId?: string(name='RequestId', description='The request ID.', example='0D29F2C0-8B4B-5861-9474-F3F23D25594B'),
}

model GetPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the detailed information about a control policy.
 *
 * @param request GetPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPolicyResponse
 */
async function getPolicyWithOptions(request: GetPolicyRequest, runtime: Util.RuntimeOptions): GetPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPolicy',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the detailed information about a control policy.
 *
 * @param request GetPolicyRequest
 * @return GetPolicyResponse
 */
async function getPolicy(request: GetPolicyRequest): GetPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPolicyWithOptions(request, runtime);
}

model GetPolicyAssetScopeRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The control policy ID.

> You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='7'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetPolicyAssetScopeResponseBody = {
  assetScope?: {
    databases?: [ 
      {
        accountScopeType?: string(name='AccountScopeType', description='The scope of database accounts to which the control policy applies. Valid values:

*   **All**: The control policy applies to all database accounts of the database.
*   **AccountId**: The control policy applies to specified database accounts of the database.', example='AccountId'),
        databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='The IDs of database accounts to which the control policy applies.'),
        databaseId?: string(name='DatabaseId', description='The database ID.', example='17'),
      }
    ](name='Databases', description='The databases and database accounts to which the control policy applies.'),
    hostGroups?: [ 
      {
        accountNames?: [ string ](name='AccountNames', description='The asset accounts to which the control policy applies.'),
        accountScopeType?: string(name='AccountScopeType', description='The scope of asset accounts to which the control policy applies. Valid values:

*   **All**: The control policy applies to all accounts in the asset group.
*   **AccountName**: The control policy applies to specified accounts in the asset group.', example='All'),
        hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='4'),
      }
    ](name='HostGroups', description='The asset groups and asset accounts to which the control policy applies.'),
    hosts?: [ 
      {
        accountScopeType?: string(name='AccountScopeType', description='The scope of host accounts to which the control policy applies. Valid values:

*   **All**: The control policy applies to all accounts of the host.
*   **AccountId**: The control policy applies to specified accounts of the host.', example='All'),
        hostAccountIds?: [ string ](name='HostAccountIds', description='The host accounts to which the control policy applies.'),
        hostId?: string(name='HostId', description='The host ID.', example='1'),
      }
    ](name='Hosts', description='The hosts and host accounts to which the control policy applies.'),
    scopeType?: string(name='ScopeType', description='The scope of assets to which the control policy applies.

*   If **All** is returned for this parameter, the control policy applies to all assets.

*   If no value is returned for this parameter, the control policy applies to the assets specified in the return values of Databases, HostGroups, and Hosts.', example='All'),
  }(name='AssetScope', description='The assets to which the control policy applies.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model GetPolicyAssetScopeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPolicyAssetScopeResponseBody(name='body'),
}

/**
 * @summary Queries the assets to which a control policy applies.
 *
 * @param request GetPolicyAssetScopeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPolicyAssetScopeResponse
 */
async function getPolicyAssetScopeWithOptions(request: GetPolicyAssetScopeRequest, runtime: Util.RuntimeOptions): GetPolicyAssetScopeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPolicyAssetScope',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the assets to which a control policy applies.
 *
 * @param request GetPolicyAssetScopeRequest
 * @return GetPolicyAssetScopeResponse
 */
async function getPolicyAssetScope(request: GetPolicyAssetScopeRequest): GetPolicyAssetScopeResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPolicyAssetScopeWithOptions(request, runtime);
}

model GetPolicyUserScopeRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the control policy to query belongs.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastion-xxxx-xx'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to query.

> You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='1'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the control policy to query belongs.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model GetPolicyUserScopeResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  userScope?: {
    scopeType?: string(name='ScopeType', description='The scope of users to whom the control policy applies.
*   If **All** is returned for this parameter, the control policy applies to all users.

*   If no value is returned for this parameter, the control policy applies to the assets specified in the return values of UserGroupIds and UserIds.', example='All'),
    userGroupIds?: [ string ](name='UserGroupIds', description='The user groups to which the control policy applies.'),
    userIds?: [ string ](name='UserIds', description='The users to whom the control policy applies.'),
  }(name='UserScope', description='The users to whom the control policy applies.'),
}

model GetPolicyUserScopeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPolicyUserScopeResponseBody(name='body'),
}

/**
 * @summary Queries the scope of users to whom a control policy applies.
 *
 * @param request GetPolicyUserScopeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPolicyUserScopeResponse
 */
async function getPolicyUserScopeWithOptions(request: GetPolicyUserScopeRequest, runtime: Util.RuntimeOptions): GetPolicyUserScopeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPolicyUserScope',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the scope of users to whom a control policy applies.
 *
 * @param request GetPolicyUserScopeRequest
 * @return GetPolicyUserScopeResponse
 */
async function getPolicyUserScope(request: GetPolicyUserScopeRequest): GetPolicyUserScopeResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPolicyUserScopeWithOptions(request, runtime);
}

model GetRuleRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-wwo35essw07'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-beijing'),
  ruleId?: string(name='RuleId', description='The ID of the authorization rule to query.

>  You can call the [ListRules](https://help.aliyun.com/document_detail/2758868.html) operation to query the authorization rule ID.

This parameter is required.', example='18'),
}

model GetRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  rule?: {
    comment?: string(name='Comment', description='The remarks of the authorization rule.', example='comment'),
    databases?: [ 
      {
        databaseAccounts?: [ 
          {
            databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account that the policy authorizes users to manage.', example='5'),
          }
        ](name='DatabaseAccounts', description='The database accounts on which permissions are granted by using the authorization rule.'),
        databaseId?: string(name='DatabaseId', description='The ID of the database that the policy authorizes users to manage.', example='2'),
      }
    ](name='Databases', description='The databases on which permissions are granted by using the authorization rule.'),
    effectiveEndTime?: string(name='EffectiveEndTime', description='The end time of the validity period of the authorization rule. The value is a UNIX timestamp. Unit: seconds.', example='1698720972'),
    effectiveStartTime?: string(name='EffectiveStartTime', description='The start time of the validity period of the authorization rule. The value is a UNIX timestamp. Unit: seconds.', example='1687140883'),
    hostGroups?: [ 
      {
        hostAccountNames?: [ string ](name='HostAccountNames', description='The asset accounts on which permissions are granted by using the authorization rule.'),
        hostGroupId?: string(name='HostGroupId', description='The ID of the asset group that the policy authorizes users to manage.', example='7'),
      }
    ](name='HostGroups', description='The asset groups on which permissions are granted by using the authorization rule.'),
    hosts?: [ 
      {
        hostAccounts?: [ 
          {
            hostAccountId?: string(name='HostAccountId', description='The ID of the host account that the policy authorizes users to manage.', example='9'),
          }
        ](name='HostAccounts', description='The host accounts that the policy authorizes users to manage.'),
        hostId?: string(name='HostId', description='The ID of the host that the policy authorizes users to manage.', example='52'),
      }
    ](name='Hosts', description='The information about the hosts that the policy authorizes users to manage.'),
    ruleId?: string(name='RuleId', description='The ID of the authorization rule.', example='3'),
    ruleName?: string(name='RuleName', description='The name of the authorization rule.', example='rule'),
    userGroups?: [ 
      {
        userGroupId?: string(name='UserGroupId', description='The ID of the authorized user group.', example='2'),
      }
    ](name='UserGroups', description='The authorized user groups.'),
    users?: [ 
      {
        userId?: string(name='UserId', description='The ID of the authorized user.', example='3'),
      }
    ](name='Users', description='The authorized users.'),
  }(name='Rule', description='The returned information about the authorization rule.'),
}

model GetRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetRuleResponseBody(name='body'),
}

/**
 * @summary Queries the detailed information about an authorization rule.
 *
 * @param request GetRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetRuleResponse
 */
async function getRuleWithOptions(request: GetRuleRequest, runtime: Util.RuntimeOptions): GetRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetRule',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the detailed information about an authorization rule.
 *
 * @param request GetRuleRequest
 * @return GetRuleResponse
 */
async function getRule(request: GetRuleRequest): GetRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return getRuleWithOptions(request, runtime);
}

model GetUserRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query the user.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query the user.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model GetUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  user?: {
    comment?: string(name='Comment', description='The description of the user.', example='comment'),
    displayName?: string(name='DisplayName', description='The display name of the user.', example='Bob'),
    effectiveEndTime?: long(name='EffectiveEndTime', description='The end of the validity period of the user. The value is a UNIX timestamp. Unit: seconds.', example='1672502400'),
    effectiveStartTime?: long(name='EffectiveStartTime', description='The beginning of the validity period of the user. The value is a UNIX timestamp. Unit: seconds.', example='1669630029'),
    email?: string(name='Email', description='The email address of the user.', example='1099**@qq.com'),
    language?: string(name='Language', description='This parameter is required if LanguageStatus is set to Custom.

- **zh-cn**: simplified Chinese.
- **en**: English.', example='en'),
    languageStatus?: string(name='LanguageStatus', description='Indicates whether notifications are sent in the language specified in the global settings or a custom language.

*   **Global**: Global
*   **Custom**: Custom', example='Custom'),
    mobile?: string(name='Mobile', description='The mobile phone number of the user.', example='1359999****'),
    mobileCountryCode?: string(name='MobileCountryCode', description='The location in which the mobile number of the user is registered. Valid values:

*   **CN**: the Chinese mainland, whose country calling code is +86
*   **HK**: Hong Kong (China), whose country calling code is +852
*   **MO**: Macao (China), whose country calling code is +853
*   **TW**: Taiwan (China), whose country calling code is +886
*   **RU**: Russia, whose country calling code is +7
*   **SG**: Singapore, whose country calling code is +65
*   **MY**: Malaysia, whose country calling code is +60
*   **ID**: Indonesia, whose country calling code is +62
*   **DE**: Germany, whose country calling code is +49
*   **AU**: Australia, whose country calling code is +61
*   **US**: US, whose country calling code is +1
*   **AE**: United Arab Emirates, whose country calling code is +971
*   **JP:** Japan, whose country calling code is +81
*   **GB**: UK, whose country calling code is +44
*   **IN**: India, whose country calling code is +91
*   **KR**: Republic of Korea, whose country calling code is +82
*   **PH**: Philippines, whose country calling code is +63
*   **CH**: Switzerland, whose country calling code is +41
*   **SE**: Sweden, whose country calling code is +46', example='CN'),
    needResetPassword?: boolean(name='NeedResetPassword', description='Specifies whether password reset is required upon the next logon. Valid values:

*   **true**: yes
*   **false**: no', example='true'),
    source?: string(name='Source', description='The source of the user. Valid values:

*   **Local**: a local user
*   **Ram**: a RAM user', example='Local'),
    sourceUserId?: string(name='SourceUserId', description='The unique ID of the user.

> This parameter uniquely identifies a RAM user of the bastion host. A value is returned for this parameter if the **Source** parameter is set to **Ram**. No value is returned for this parameter if the **Source** parameter is set to **Local**.', example='122748924538****'),
    twoFactorMethods?: [ string ](name='TwoFactorMethods', description='An array that consists of the details of the two-factor authentication method.'),
    twoFactorStatus?: string(name='TwoFactorStatus', description='The two-factor authentication status of the user. Valid values:

*   **Global**: The global settings are used.
*   **Disable**: The two-factor authentication is disabled.
*   **Enable**: The two-factor authentication is enabled and the user-specific setting is used.', example='Enable'),
    userId?: string(name='UserId', description='The ID of the user.', example='1'),
    userName?: string(name='UserName', description='The logon name of the user.', example='abcabc_def'),
    userState?: [ string ](name='UserState', description='An array that consists of the details of the user status.'),
  }(name='User', description='The detailed information about the queried user.'),
}

model GetUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetUserResponseBody(name='body'),
}

/**
 * @summary Queries the details of a user of the specified bastion host.
 *
 * @param request GetUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetUserResponse
 */
async function getUserWithOptions(request: GetUserRequest, runtime: Util.RuntimeOptions): GetUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the details of a user of the specified bastion host.
 *
 * @param request GetUserRequest
 * @return GetUserResponse
 */
async function getUser(request: GetUserRequest): GetUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return getUserWithOptions(request, runtime);
}

model GetUserGroupRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to query the details of the user group.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to query the details of the user group.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model GetUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  userGroup?: {
    comment?: string(name='Comment', description='The description of the user group.', example='comment'),
    userGroupId?: string(name='UserGroupId', description='The ID of the group.', example='1'),
    userGroupName?: string(name='UserGroupName', description='The name of the user group.', example='UserGroup01'),
  }(name='UserGroup', description='The details of the user group returned.'),
}

model GetUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetUserGroupResponseBody(name='body'),
}

/**
 * @summary Queries the details of a user group in a bastion host.
 *
 * @param request GetUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetUserGroupResponse
 */
async function getUserGroupWithOptions(request: GetUserGroupRequest, runtime: Util.RuntimeOptions): GetUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the details of a user group in a bastion host.
 *
 * @param request GetUserGroupRequest
 * @return GetUserGroupResponse
 */
async function getUserGroup(request: GetUserGroupRequest): GetUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return getUserGroupWithOptions(request, runtime);
}

model ListApproveCommandsRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-zvp2xvysf08'),
  pageNumber?: string(name='PageNumber', description='The number of the page. Default value: **1**.

This parameter is required.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Maximum value: 1000. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.

This parameter is required.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-beijing'),
}

model ListApproveCommandsResponseBody = {
  approveCommands?: [ 
    {
      approveCommandId?: string(name='ApproveCommandId', description='The ID of the command to be reviewed.', example='1'),
      assetAccountName?: string(name='AssetAccountName', description='The username of the asset account that is used for O\\\\&M.', example='root'),
      assetIp?: string(name='AssetIp', description='The IP address of the asset for O\\\\&M.', example='10.167.XX.XX'),
      assetName?: string(name='AssetName', description='The name of the asset.', example='poros-test'),
      clientIp?: string(name='ClientIp', description='The source IP address from which the application is submitted.', example='172.18.XX.XX'),
      clientUser?: string(name='ClientUser', description='The Bastionhost user who submitted the O\\\\&M application.', example='test'),
      command?: string(name='Command', description='The command to be reviewed.', example='/bin/bash'),
      createTime?: string(name='CreateTime', description='The time when the O\\\\&M application was submitted. The value is a UNIX timestamp. Unit: seconds.', example='1679393152'),
      protocolName?: string(name='ProtocolName', description='The O\\\\&M protocol.', example='SSH'),
      sessionId?: string(name='SessionId', description='The ID of the O\\\\&M session that triggered the review.', example='95f873ab64a76d5b0000000000004d5e'),
      state?: string(name='State', description='The status of the review. Valid values: **Wait**: The command is pending review.', example='Wait'),
    }
  ](name='ApproveCommands', description='The commands to be reviewed.'),
  requestId?: string(name='RequestId', description='The request ID.', example='E3EF7711-766D-5888-997B-EFBA76809229'),
  totalCount?: long(name='TotalCount', description='The total number of commands to be reviewed.', example='15'),
}

model ListApproveCommandsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListApproveCommandsResponseBody(name='body'),
}

/**
 * @summary Queries commands to be reviewed.
 *
 * @description You can call this operation to query commands to be reviewed by a Bastionhost administrator.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ListApproveCommandsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListApproveCommandsResponse
 */
async function listApproveCommandsWithOptions(request: ListApproveCommandsRequest, runtime: Util.RuntimeOptions): ListApproveCommandsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListApproveCommands',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries commands to be reviewed.
 *
 * @description You can call this operation to query commands to be reviewed by a Bastionhost administrator.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ListApproveCommandsRequest
 * @return ListApproveCommandsResponse
 */
async function listApproveCommands(request: ListApproveCommandsRequest): ListApproveCommandsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listApproveCommandsWithOptions(request, runtime);
}

model ListDatabaseAccountsRequest {
  databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account to query. The name can be up to 128 characters in length. Only exact match is supported.', example='test'),
  databaseId?: string(name='DatabaseId', description='The ID of the database whose database accounts you want to query.

>  You can call the [ListDatabases](https://help.aliyun.com/document_detail/2758822.html) operation to query the database ID.', example='3'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the DescribeInstances operation to query the bastion host ID.[](~~153281~~)

This parameter is required.', example='bastionhost-cn-7mz2za0ro06'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
}

model ListDatabaseAccountsResponseBody = {
  databaseAccounts?: [ 
    {
      databaseAccountId?: string(name='DatabaseAccountId', description='The database account ID.', example='59'),
      databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account.', example='test'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='4'),
      databaseSchema?: string(name='DatabaseSchema', description='The name of the database. A value is returned for this parameter if the engine of the database with the specified database ID is PostgreSQL or Oracle.', example='orcl'),
      hasPassword?: string(name='HasPassword', description='Indicates whether the database account has a password. Valid values:

*   **true**
*   **false**', example='true'),
    }
  ](name='DatabaseAccounts', description='The returned database accounts.'),
  requestId?: string(name='RequestId', description='The request ID.', example='4F6C075F-FC86-476E-943B-097BD4E12948'),
  totalCount?: long(name='TotalCount', description='The total number of database accounts returned.', example='10'),
}

model ListDatabaseAccountsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDatabaseAccountsResponseBody(name='body'),
}

/**
 * @summary Queries the database accounts of a database.
 *
 * @param request ListDatabaseAccountsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDatabaseAccountsResponse
 */
async function listDatabaseAccountsWithOptions(request: ListDatabaseAccountsRequest, runtime: Util.RuntimeOptions): ListDatabaseAccountsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountName)) {
    query['DatabaseAccountName'] = request.databaseAccountName;
  }
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDatabaseAccounts',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the database accounts of a database.
 *
 * @param request ListDatabaseAccountsRequest
 * @return ListDatabaseAccountsResponse
 */
async function listDatabaseAccounts(request: ListDatabaseAccountsRequest): ListDatabaseAccountsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDatabaseAccountsWithOptions(request, runtime);
}

model ListDatabaseAccountsForUserRequest {
  databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account to query. The name can be up to 128 characters in length. Only exact match is supported.', example='test'),
  databaseId?: string(name='DatabaseId', description='The ID of the database whose accounts you want to query.

This parameter is required.', example='89'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-zz42zoqql01'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
  userId?: string(name='UserId', description='The ID of the user to query. This operation returns whether the user is authorized to manage each database account.

> You can call the ListUsers operation to query the ID of the user.[](~~204522~~)

This parameter is required.', example='2'),
}

model ListDatabaseAccountsForUserResponseBody = {
  databaseAccounts?: [ 
    {
      databaseAccountId?: string(name='DatabaseAccountId', description='The database account ID.', example='6'),
      databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account.', example='test'),
      databaseId?: string(name='DatabaseId', description='The ID of the database to which the database account belongs.', example='70'),
      isAuthorized?: boolean(name='IsAuthorized', description='Indicates whether the user is authorized to manage the database account. Valid values:

*   **true**
*   **false**', example='true'),
      protocolName?: string(name='ProtocolName', description='The protocol used by the database account. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
    }
  ](name='DatabaseAccounts', description='The database accounts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='00E3701B-3616-55FE-93EC-E7CF5480B654'),
  totalCount?: long(name='TotalCount', description='The total number of database accounts that are returned.', example='3'),
}

model ListDatabaseAccountsForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDatabaseAccountsForUserResponseBody(name='body'),
}

/**
 * @summary Queries the database accounts of a database and whether a user is authorized to manage each database account.
 *
 * @param request ListDatabaseAccountsForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDatabaseAccountsForUserResponse
 */
async function listDatabaseAccountsForUserWithOptions(request: ListDatabaseAccountsForUserRequest, runtime: Util.RuntimeOptions): ListDatabaseAccountsForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountName)) {
    query['DatabaseAccountName'] = request.databaseAccountName;
  }
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDatabaseAccountsForUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the database accounts of a database and whether a user is authorized to manage each database account.
 *
 * @param request ListDatabaseAccountsForUserRequest
 * @return ListDatabaseAccountsForUserResponse
 */
async function listDatabaseAccountsForUser(request: ListDatabaseAccountsForUserRequest): ListDatabaseAccountsForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDatabaseAccountsForUserWithOptions(request, runtime);
}

model ListDatabaseAccountsForUserGroupRequest {
  databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account to query. The name can be up to 128 characters in length. Only exact match is supported.', example='test'),
  databaseId?: string(name='DatabaseId', description='The ID of the database whose database accounts you want to query.

>  You can call the [ListDatabaseAccounts](https://help.aliyun.com/document_detail/2758839.html) operation to query the database account ID.

This parameter is required.', example='36'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-pe334a03o0h'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group to query. This operation returns whether the user group is authorized to manage each database account.

>  You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the user group ID.

This parameter is required.', example='3'),
}

model ListDatabaseAccountsForUserGroupResponseBody = {
  databaseAccounts?: [ 
    {
      databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account.', example='4'),
      databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account.', example='root'),
      databaseId?: string(name='DatabaseId', description='The ID of the database to which the database account belongs.', example='11'),
      isAuthorized?: boolean(name='IsAuthorized', description='Indicates whether the user group is authorized to manage the database account. Valid values:

*   **true**
*   **false**', example='true'),
      protocolName?: string(name='ProtocolName', description='The protocol used by the database account. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
    }
  ](name='DatabaseAccounts', description='The database accounts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of database accounts returned.', example='10'),
}

model ListDatabaseAccountsForUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDatabaseAccountsForUserGroupResponseBody(name='body'),
}

/**
 * @summary Queries the database accounts of a database and whether a user group is authorized to manage each database account.
 *
 * @param request ListDatabaseAccountsForUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDatabaseAccountsForUserGroupResponse
 */
async function listDatabaseAccountsForUserGroupWithOptions(request: ListDatabaseAccountsForUserGroupRequest, runtime: Util.RuntimeOptions): ListDatabaseAccountsForUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountName)) {
    query['DatabaseAccountName'] = request.databaseAccountName;
  }
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDatabaseAccountsForUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the database accounts of a database and whether a user group is authorized to manage each database account.
 *
 * @param request ListDatabaseAccountsForUserGroupRequest
 * @return ListDatabaseAccountsForUserGroupResponse
 */
async function listDatabaseAccountsForUserGroup(request: ListDatabaseAccountsForUserGroupRequest): ListDatabaseAccountsForUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDatabaseAccountsForUserGroupWithOptions(request, runtime);
}

model ListDatabasesRequest {
  databaseType?: string(name='DatabaseType', description='The engine of the database to query. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group to query. This operation returns the databases in the asset group.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the asset group.', example='20'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to query.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-7mz28f5tk0o'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain where the database to query resides.', example='2'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.
Valid values: 1 to100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to query.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  source?: string(name='Source', description='The type of the database to query. Valid values:

* **Local**: on-premises database.
* **Rds**: ApsaraDB for RDS instance.
* **PolarDB**: PolarDB cluster', example='Local'),
}

model ListDatabasesResponseBody = {
  databases?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The address type of the database. Valid values:

* **Public**
* **Private**', example='Public'),
      comment?: string(name='Comment', description='The remarks of the database.', example='comment'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='9'),
      databaseName?: string(name='DatabaseName', description='The name of the database.', example='MySQL0'),
      databasePort?: int32(name='DatabasePort', description='The port of the database.', example='3306'),
      databasePrivateAddress?: string(name='DatabasePrivateAddress', description='The internal address of the database. The value is a domain name or an IP address.', example='rm-wz973w7******'),
      databasePublicAddress?: string(name='DatabasePublicAddress', description='The public address of the database. The value is a domain name or an IP address.', example='rm-uf65n2******'),
      databaseType?: string(name='DatabaseType', description='The database engine. Valid values:
*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
      networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain where the database resides.', example='8'),
      source?: string(name='Source', description='The type of the database. Valid values:

* **Local**: on-premises database.
* **Rds**: ApsaraDB for RDS instance.
* **PolarDB**: PolarDB cluster', example='Local'),
      sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ApsaraDB for RDS instance or PolarDB cluster.
> No value is returned for this parameter if **Source** is set to **Local**.', example='i-wz9ejupczf41******'),
      sourceInstanceRegionId?: string(name='SourceInstanceRegionId', description='The region ID of the ApsaraDB for RDS instance or PolarDB cluster.', example='cn-hangzhou'),
      sourceInstanceState?: string(name='SourceInstanceState', description='The status of the database. Valid values:

* **Normal**
* **Release**', example='Normal'),
    }
  ](name='Databases', description='The databases returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of databases returned.', example='4'),
}

model ListDatabasesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDatabasesResponseBody(name='body'),
}

/**
 * @summary Queries the databases that are managed by a bastion host.
 *
 * @param request ListDatabasesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDatabasesResponse
 */
async function listDatabasesWithOptions(request: ListDatabasesRequest, runtime: Util.RuntimeOptions): ListDatabasesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseType)) {
    query['DatabaseType'] = request.databaseType;
  }
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDatabases',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the databases that are managed by a bastion host.
 *
 * @param request ListDatabasesRequest
 * @return ListDatabasesResponse
 */
async function listDatabases(request: ListDatabasesRequest): ListDatabasesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDatabasesWithOptions(request, runtime);
}

model ListDatabasesForUserRequest {
  databaseAddress?: string(name='DatabaseAddress', description='The address of the database to query. Only exact match is supported.', example='``47.101.**.**``'),
  databaseName?: string(name='DatabaseName', description='The name of the database to query.', example='MySQL-8.0'),
  databaseType?: string(name='DatabaseType', description='The engine of the database to query. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-tl32swayw7o'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain where the database to query resides.', example='5'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**. Pages start from page 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user to query.

This parameter is required.', example='3'),
}

model ListDatabasesForUserResponseBody = {
  databases?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The address type of the database. Valid values:

*   **Public**
*   **Private**', example='Private'),
      comment?: string(name='Comment', description='The remarks of the database.', example='comment'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='36'),
      databaseName?: string(name='DatabaseName', description='The database name.', example='MySQL56'),
      databasePort?: long(name='DatabasePort', description='The database port.', example='3306'),
      databasePrivateAddress?: string(name='DatabasePrivateAddress', description='The internal endpoint of the database. The value is a domain name or an IP address.', example='rm-wz97******'),
      databasePublicAddress?: string(name='DatabasePublicAddress', description='The public endpoint of the database. The value is a domain name or an IP address.', example='rm-uf65******'),
      databaseType?: string(name='DatabaseType', description='The database engine. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
      networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain where the database resides.', example='2'),
      source?: string(name='Source', description='The database type. Valid values:

*   **Local**: on-premises database.
*   **Rds**: ApsaraDB RDS instance.
*   **PolarDB**: PolarDB cluster.', example='Local'),
      sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ApsaraDB RDS instance or PolarDB cluster.

>  No value is returned for this parameter if **Source** is set to **Local**.', example='i-wz9fv2hwux78x9h1pmje'),
    }
  ](name='Databases', description='The databases returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='A8A665B9-8550-4942-9DEE-73198051856B'),
  totalCount?: long(name='TotalCount', description='The total number of databases returned.', example='15'),
}

model ListDatabasesForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDatabasesForUserResponseBody(name='body'),
}

/**
 * @summary Queries the databases that a user is authorized to manage.
 *
 * @param request ListDatabasesForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDatabasesForUserResponse
 */
async function listDatabasesForUserWithOptions(request: ListDatabasesForUserRequest, runtime: Util.RuntimeOptions): ListDatabasesForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAddress)) {
    query['DatabaseAddress'] = request.databaseAddress;
  }
  if (!Util.isUnset(request.databaseName)) {
    query['DatabaseName'] = request.databaseName;
  }
  if (!Util.isUnset(request.databaseType)) {
    query['DatabaseType'] = request.databaseType;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDatabasesForUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the databases that a user is authorized to manage.
 *
 * @param request ListDatabasesForUserRequest
 * @return ListDatabasesForUserResponse
 */
async function listDatabasesForUser(request: ListDatabasesForUserRequest): ListDatabasesForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDatabasesForUserWithOptions(request, runtime);
}

model ListDatabasesForUserGroupRequest {
  databaseAddress?: string(name='DatabaseAddress', description='The address of the database to query. Only exact match is supported.', example='``47.101.**.**``'),
  databaseName?: string(name='DatabaseName', description='The name of the database to query.', example='test'),
  databaseType?: string(name='DatabaseType', description='The engine of the database to query. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-7mz2ve7h00a'),
  networkDomainId?: string(name='NetworkDomainId', example='2'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group to query.

This parameter is required.', example='2'),
}

model ListDatabasesForUserGroupResponseBody = {
  databases?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The address type of the database. Valid values:

*   **Public**
*   **Private**', example='Private'),
      comment?: string(name='Comment', description='The remarks of the database.', example='comment'),
      databaseAccountCount?: long(name='DatabaseAccountCount', description='The total number of database accounts returned.', example='2'),
      databaseId?: string(name='DatabaseId', description='The ID of the database to which the database account belongs.', example='2'),
      databaseName?: string(name='DatabaseName', description='The name of the database.', example='MySQL0'),
      databasePort?: long(name='DatabasePort', description='The port of the database.', example='3306'),
      databasePrivateAddress?: string(name='DatabasePrivateAddress', description='The internal address of the database. The value is a domain name or an IP address.', example='rm-bp1******'),
      databasePublicAddress?: string(name='DatabasePublicAddress', description='The public address of the database. The value is a domain name or an IP address.', example='rm-uf65******'),
      databaseType?: string(name='DatabaseType', description='The database engine. Valid values:

*   **MySQL**
*   **Oracle**
*   **PostgreSQL**
*   **SQLServer**', example='MySQL'),
      networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain where the database resides.', example='5'),
      source?: string(name='Source', description='The type of the database. Valid values:

*   **Local**: on-premises database.
*   **Rds**: ApsaraDB RDS instance.
*   **PolarDB**: PolarDB cluster.', example='Local'),
      sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ApsaraDB RDS instance or PolarDB cluster.

> No value is returned for this parameter if **Source** is set to **Local**.', example='i-wz9c7mjxywmdmqk7q6e4'),
    }
  ](name='Databases', description='The databases returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of databases returned.', example='15'),
}

model ListDatabasesForUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDatabasesForUserGroupResponseBody(name='body'),
}

/**
 * @summary Queries the databases that a user group is authorized to manage.
 *
 * @param request ListDatabasesForUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDatabasesForUserGroupResponse
 */
async function listDatabasesForUserGroupWithOptions(request: ListDatabasesForUserGroupRequest, runtime: Util.RuntimeOptions): ListDatabasesForUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAddress)) {
    query['DatabaseAddress'] = request.databaseAddress;
  }
  if (!Util.isUnset(request.databaseName)) {
    query['DatabaseName'] = request.databaseName;
  }
  if (!Util.isUnset(request.databaseType)) {
    query['DatabaseType'] = request.databaseType;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDatabasesForUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the databases that a user group is authorized to manage.
 *
 * @param request ListDatabasesForUserGroupRequest
 * @return ListDatabasesForUserGroupResponse
 */
async function listDatabasesForUserGroup(request: ListDatabasesForUserGroupRequest): ListDatabasesForUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDatabasesForUserGroupWithOptions(request, runtime);
}

model ListHostAccountsRequest {
  hostAccountName?: string(name='HostAccountName', description='The name of the host account that you want to query. The name can be up to 128 characters in length. Only exact match is supported.', example='abc'),
  hostId?: string(name='HostId', description='The ID of the specified host whose accounts you want to query.

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to query accounts of the specified host.

>  You can call the DescribeInstances operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  protocolName?: string(name='ProtocolName', description='The protocol used by the host whose accounts you want to query.

Valid values:

*   SSH
*   RDP', example='SSH'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to query accounts of the specified host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListHostAccountsResponseBody = {
  hostAccounts?: [ 
    {
      hasPassword?: boolean(name='HasPassword', description='Indicates whether a password is configured for the host account.

Valid values:

*   true: A password is configured for the host account.
*   false: No passwords are configured for the host account.', example='true'),
      hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='1'),
      hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='abc'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key.', example='1'),
      hostShareKeyName?: string(name='HostShareKeyName', description='The name of the shared key.', example='name'),
      privateKeyFingerprint?: string(name='PrivateKeyFingerprint', description='The fingerprint of the private key for the host account.', example='fe:ca:37:42:30:00:9d:95:e6:73:e5:b0:32:0a:**:**'),
      protocolName?: string(name='ProtocolName', description='The protocol that is used by the host.

Valid values:

*   SSH
*   RDP', example='SSH'),
    }
  ](name='HostAccounts', description='An array that consists of the queried host accounts.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of host accounts that are queried.', example='1'),
}

model ListHostAccountsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostAccountsResponseBody(name='body'),
}

/**
 * @summary Queries accounts of a specified host.
 *
 * @param request ListHostAccountsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostAccountsResponse
 */
async function listHostAccountsWithOptions(request: ListHostAccountsRequest, runtime: Util.RuntimeOptions): ListHostAccountsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountName)) {
    query['HostAccountName'] = request.hostAccountName;
  }
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.protocolName)) {
    query['ProtocolName'] = request.protocolName;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostAccounts',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries accounts of a specified host.
 *
 * @param request ListHostAccountsRequest
 * @return ListHostAccountsResponse
 */
async function listHostAccounts(request: ListHostAccountsRequest): ListHostAccountsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostAccountsWithOptions(request, runtime);
}

model ListHostAccountsForHostShareKeyRequest {
  hostShareKeyId?: string(name='HostShareKeyId', description='The shared key ID.

>  You can call the [ListHostShareKeys](https://help.aliyun.com/document_detail/462973.html) operation to query the shared key ID.

This parameter is required.', example='1124'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page. Default value: **10**.', example='10'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListHostAccountsForHostShareKeyResponseBody = {
  hostAccounts?: [ 
    {
      hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='root1234'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1113'),
      hostsAccountId?: string(name='HostsAccountId', description='The ID of the host account.', example='1235'),
      protocolName?: string(name='ProtocolName', description='The O\\\\&M protocol.', example='SSH'),
    }
  ](name='HostAccounts', description='An array that consists of the host accounts that are associated with the shared key.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of the host accounts that are associated with the shared key.', example='5'),
}

model ListHostAccountsForHostShareKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostAccountsForHostShareKeyResponseBody(name='body'),
}

/**
 * @summary Queries the host accounts that are associated with a shared key.
 *
 * @param request ListHostAccountsForHostShareKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostAccountsForHostShareKeyResponse
 */
async function listHostAccountsForHostShareKeyWithOptions(request: ListHostAccountsForHostShareKeyRequest, runtime: Util.RuntimeOptions): ListHostAccountsForHostShareKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostAccountsForHostShareKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the host accounts that are associated with a shared key.
 *
 * @param request ListHostAccountsForHostShareKeyRequest
 * @return ListHostAccountsForHostShareKeyResponse
 */
async function listHostAccountsForHostShareKey(request: ListHostAccountsForHostShareKeyRequest): ListHostAccountsForHostShareKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostAccountsForHostShareKeyWithOptions(request, runtime);
}

model ListHostAccountsForUserRequest {
  hostAccountName?: string(name='HostAccountName', description='The name of the host account that you want to query. Exact match is supported.', example='root'),
  hostId?: string(name='HostId', description='The ID of the host to query.

> You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to perform the query. The host accounts that the specified user is authorized to manage on the specified host are queried.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to perform the query. The host accounts that the specified user is authorized to manage on the specified host are queried.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user for which you want to query authorized host accounts.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model ListHostAccountsForUserResponseBody = {
  hostAccounts?: [ 
    {
      hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='1'),
      hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='root'),
      hostId?: string(name='HostId', description='The ID of the host for which the host accounts were queried.', example='1'),
      isAuthorized?: boolean(name='IsAuthorized', description='Indicates whether the user is authorized to manage the host account. Valid values:

*   **true**: yes
*   **false**: no', example='true'),
      protocolName?: string(name='ProtocolName', description='The protocol that is used by the host. Valid values:

*   **SSH**
*   **RDP**', example='SSH'),
    }
  ](name='HostAccounts', description='An array that consists of the queried host accounts.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of host accounts that were queried.', example='1'),
}

model ListHostAccountsForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostAccountsForUserResponseBody(name='body'),
}

/**
 * @summary Queries the host accounts that the specified user is authorized to manage on the specified host.
 *
 * @param request ListHostAccountsForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostAccountsForUserResponse
 */
async function listHostAccountsForUserWithOptions(request: ListHostAccountsForUserRequest, runtime: Util.RuntimeOptions): ListHostAccountsForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountName)) {
    query['HostAccountName'] = request.hostAccountName;
  }
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostAccountsForUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the host accounts that the specified user is authorized to manage on the specified host.
 *
 * @param request ListHostAccountsForUserRequest
 * @return ListHostAccountsForUserResponse
 */
async function listHostAccountsForUser(request: ListHostAccountsForUserRequest): ListHostAccountsForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostAccountsForUserWithOptions(request, runtime);
}

model ListHostAccountsForUserGroupRequest {
  hostAccountName?: string(name='HostAccountName', description='The name of the host account that you want to query. Exact match is supported.', example='root'),
  hostId?: string(name='HostId', description='The ID of the host to query.

> You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query the host accounts to be managed by the specified user group on the specified host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query the host accounts to be managed by the specified user group on the specified host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group for which you want to query authorized host accounts.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model ListHostAccountsForUserGroupResponseBody = {
  hostAccounts?: [ 
    {
      hostAccountId?: string(name='HostAccountId', description='The ID of the host account.', example='1'),
      hostAccountName?: string(name='HostAccountName', description='The name of the host account.', example='host１'),
      hostId?: string(name='HostId', description='The ID of the host for which the host accounts were queried.', example='１'),
      isAuthorized?: boolean(name='IsAuthorized', description='Indicates whether the user group is authorized to manage the host account. Valid values:

*   **true**: yes
*   **false**: no', example='true'),
      protocolName?: string(name='ProtocolName', description='The protocol that is used by the host. Valid values:

*   **SSH**
*   **RDP**', example='SSH'),
    }
  ](name='HostAccounts', description='An array that consists of the queried host accounts.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of host accounts that were queried.', example='1'),
}

model ListHostAccountsForUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostAccountsForUserGroupResponseBody(name='body'),
}

/**
 * @summary Queries the host accounts of the specified host that the specified user group is authorized to manage.
 *
 * @param request ListHostAccountsForUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostAccountsForUserGroupResponse
 */
async function listHostAccountsForUserGroupWithOptions(request: ListHostAccountsForUserGroupRequest, runtime: Util.RuntimeOptions): ListHostAccountsForUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountName)) {
    query['HostAccountName'] = request.hostAccountName;
  }
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostAccountsForUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the host accounts of the specified host that the specified user group is authorized to manage.
 *
 * @param request ListHostAccountsForUserGroupRequest
 * @return ListHostAccountsForUserGroupResponse
 */
async function listHostAccountsForUserGroup(request: ListHostAccountsForUserGroupRequest): ListHostAccountsForUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostAccountsForUserGroupWithOptions(request, runtime);
}

model ListHostGroupAccountNamesForUserRequest {
  hostGroupId?: string(name='HostGroupId', description='The ID of the host group.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the user belongs.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the user belongs.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model ListHostGroupAccountNamesForUserResponseBody = {
  hostAccountNames?: [ string ](name='HostAccountNames', description='An array that consists of the names of host accounts.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ListHostGroupAccountNamesForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostGroupAccountNamesForUserResponseBody(name='body'),
}

/**
 * @summary Queries the names of the host accounts that a specified user is authorized to manage in a specified host group.
 *
 * @param request ListHostGroupAccountNamesForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostGroupAccountNamesForUserResponse
 */
async function listHostGroupAccountNamesForUserWithOptions(request: ListHostGroupAccountNamesForUserRequest, runtime: Util.RuntimeOptions): ListHostGroupAccountNamesForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostGroupAccountNamesForUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the names of the host accounts that a specified user is authorized to manage in a specified host group.
 *
 * @param request ListHostGroupAccountNamesForUserRequest
 * @return ListHostGroupAccountNamesForUserResponse
 */
async function listHostGroupAccountNamesForUser(request: ListHostGroupAccountNamesForUserRequest): ListHostGroupAccountNamesForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostGroupAccountNamesForUserWithOptions(request, runtime);
}

model ListHostGroupAccountNamesForUserGroupRequest {
  hostGroupId?: string(name='HostGroupId', description='The ID of the host group.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query the host account names the user group is authorized to manage in a host group.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query the host account names the user group is authorized to manage in a host group.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model ListHostGroupAccountNamesForUserGroupResponseBody = {
  hostAccountNames?: [ string ](name='HostAccountNames', description='The names of host accounts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ListHostGroupAccountNamesForUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostGroupAccountNamesForUserGroupResponseBody(name='body'),
}

/**
 * @summary Queries the names of the host accounts that a user group is authorized to manage in a host group.
 *
 * @param request ListHostGroupAccountNamesForUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostGroupAccountNamesForUserGroupResponse
 */
async function listHostGroupAccountNamesForUserGroupWithOptions(request: ListHostGroupAccountNamesForUserGroupRequest, runtime: Util.RuntimeOptions): ListHostGroupAccountNamesForUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostGroupAccountNamesForUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the names of the host accounts that a user group is authorized to manage in a host group.
 *
 * @param request ListHostGroupAccountNamesForUserGroupRequest
 * @return ListHostGroupAccountNamesForUserGroupResponse
 */
async function listHostGroupAccountNamesForUserGroup(request: ListHostGroupAccountNamesForUserGroupRequest): ListHostGroupAccountNamesForUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostGroupAccountNamesForUserGroupWithOptions(request, runtime);
}

model ListHostGroupsRequest {
  hostGroupName?: string(name='HostGroupName', description='The name of the host group that you want to query. Only exact match is supported.', example='Host group 1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to query.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/462953.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page. Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to query the host group.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListHostGroupsResponseBody = {
  hostGroups?: [ 
    {
      comment?: string(name='Comment', description='The remarks of the asset group.', example='Description'),
      hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='1'),
      hostGroupName?: string(name='HostGroupName', description='The name of the asset group.', example='Host group 1'),
      memberCount?: int32(name='MemberCount', description='The number of hosts in the asset group.', example='1'),
    }
  ](name='HostGroups', description='The asset groups returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of asset groups returned.', example='1'),
}

model ListHostGroupsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostGroupsResponseBody(name='body'),
}

/**
 * @summary Queries a list of asset groups that are managed by a bastion host.
 *
 * @param request ListHostGroupsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostGroupsResponse
 */
async function listHostGroupsWithOptions(request: ListHostGroupsRequest, runtime: Util.RuntimeOptions): ListHostGroupsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupName)) {
    query['HostGroupName'] = request.hostGroupName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostGroups',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of asset groups that are managed by a bastion host.
 *
 * @param request ListHostGroupsRequest
 * @return ListHostGroupsResponse
 */
async function listHostGroups(request: ListHostGroupsRequest): ListHostGroupsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostGroupsWithOptions(request, runtime);
}

model ListHostGroupsForUserRequest {
  hostGroupName?: string(name='HostGroupName', description='The name of the host group to query. The name can be up to 128 characters in length. Only exact match is supported.', example='group'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose user you want to query.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  mode?: string(name='Mode', description='The category of the host groups to query. Valid values:

*   **Authorized** (default): queries the host groups that the user is authorized to manage.
*   **Unauthorized**: queries the host groups that the user is not authorized to manage.', example='Authorized'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='１'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose user you want to query.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The user ID.

>  You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the user ID.

This parameter is required.', example='１'),
}

model ListHostGroupsForUserResponseBody = {
  hostGroups?: [ 
    {
      comment?: string(name='Comment', description='The remarks of the host group.', example='comment'),
      hostGroupId?: string(name='HostGroupId', description='The host group ID.', example='１'),
      hostGroupName?: string(name='HostGroupName', description='The name of the host group.', example='group'),
    }
  ](name='HostGroups', description='The host groups returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of host groups returned.', example='1'),
}

model ListHostGroupsForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostGroupsForUserResponseBody(name='body'),
}

/**
 * @summary Queries a list of host groups that a bastion host user is authorized or is not authorized to manage.
 *
 * @param request ListHostGroupsForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostGroupsForUserResponse
 */
async function listHostGroupsForUserWithOptions(request: ListHostGroupsForUserRequest, runtime: Util.RuntimeOptions): ListHostGroupsForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupName)) {
    query['HostGroupName'] = request.hostGroupName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.mode)) {
    query['Mode'] = request.mode;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostGroupsForUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of host groups that a bastion host user is authorized or is not authorized to manage.
 *
 * @param request ListHostGroupsForUserRequest
 * @return ListHostGroupsForUserResponse
 */
async function listHostGroupsForUser(request: ListHostGroupsForUserRequest): ListHostGroupsForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostGroupsForUserWithOptions(request, runtime);
}

model ListHostGroupsForUserGroupRequest {
  hostGroupName?: string(name='HostGroupName', description='The name of the host group that you want to query. Only exact match is supported.', example='group'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the user group belongs.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  mode?: string(name='Mode', description='Specifies the category of the host group that you want to query. Valid values:

*   **Authorized**: queries the host groups that the user group is authorized to manage. This is the default value.
*   **Unauthorized**: queries the host groups that the user group is not authorized to manage.', example='Authorized'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the user group belongs.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model ListHostGroupsForUserGroupResponseBody = {
  hostGroups?: [ 
    {
      comment?: string(name='Comment', description='The description of the host group.', example='comment'),
      hostGroupId?: string(name='HostGroupId', description='The ID of the host group.', example='1'),
      hostGroupName?: string(name='HostGroupName', description='The name of the host group.', example='group'),
    }
  ](name='HostGroups', description='The host groups returned.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of host groups returned.', example='1'),
}

model ListHostGroupsForUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostGroupsForUserGroupResponseBody(name='body'),
}

/**
 * @summary Queries the hosts that a specified user group is authorized or not authorized to manage.
 *
 * @param request ListHostGroupsForUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostGroupsForUserGroupResponse
 */
async function listHostGroupsForUserGroupWithOptions(request: ListHostGroupsForUserGroupRequest, runtime: Util.RuntimeOptions): ListHostGroupsForUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupName)) {
    query['HostGroupName'] = request.hostGroupName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.mode)) {
    query['Mode'] = request.mode;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostGroupsForUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the hosts that a specified user group is authorized or not authorized to manage.
 *
 * @param request ListHostGroupsForUserGroupRequest
 * @return ListHostGroupsForUserGroupResponse
 */
async function listHostGroupsForUserGroup(request: ListHostGroupsForUserGroupRequest): ListHostGroupsForUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostGroupsForUserGroupWithOptions(request, runtime);
}

model ListHostShareKeysRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page. Default value: **20**.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListHostShareKeysResponseBody = {
  hostShareKeys?: [ 
    {
      hostAccountCount?: long(name='HostAccountCount', description='The number of the associated host accounts.', example='1'),
      hostShareKeyId?: string(name='HostShareKeyId', description='The shared key ID.', example='10247'),
      hostShareKeyName?: string(name='HostShareKeyName', description='The name of the shared key.', example='name'),
      lastModifyKeyAt?: long(name='LastModifyKeyAt', description='The time when the shared key was last modified. The value is a UNIX timestamp. Unit: seconds.', example='1644806406'),
      privateKeyFingerPrint?: string(name='PrivateKeyFingerPrint', description='The fingerprint of the private key.', example='****'),
    }
  ](name='HostShareKeys', description='An array that consists of the shared keys.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of the shared keys.', example='10'),
}

model ListHostShareKeysResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostShareKeysResponseBody(name='body'),
}

/**
 * @summary Queries the shared keys that are associated with a host.
 *
 * @param request ListHostShareKeysRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostShareKeysResponse
 */
async function listHostShareKeysWithOptions(request: ListHostShareKeysRequest, runtime: Util.RuntimeOptions): ListHostShareKeysResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostShareKeys',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the shared keys that are associated with a host.
 *
 * @param request ListHostShareKeysRequest
 * @return ListHostShareKeysResponse
 */
async function listHostShareKeys(request: ListHostShareKeysRequest): ListHostShareKeysResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostShareKeysWithOptions(request, runtime);
}

model ListHostsRequest {
  hostAddress?: string(name='HostAddress', description='The address of the host that you want to query. You can set this parameter to a domain name or an IP address. Only exact match is supported.', example='1.1.XX.XX'),
  hostGroupId?: string(name='HostGroupId', description='The ID of the host group to which the host to be queried belongs.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group.', example='1'),
  hostName?: string(name='HostName', description='The name of the host that you want to query. Only exact match is supported.', example='host'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query hosts.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  OSType?: string(name='OSType', description='The operating system of the host that you want to query. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page. Default value: **10**.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query hosts.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  source?: string(name='Source', description='The source of the host that you want to query. Valid values:

*   **Local**: a host in a data center
*   **Ecs**: an Elastic Compute Service (ECS) instance
*   **Rds**: a host in an ApsaraDB MyBase dedicated cluster', example='Local'),
  sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ECS instance or the host in an ApsaraDB MyBase dedicated cluster that you want to query. Only exact match is supported.', example='i-bp19ienyt0yax748****'),
  sourceInstanceState?: string(name='SourceInstanceState', description='The status of the host that you want to query. Valid values:

*   **Normal**: normal
*   **Release**: released', example='Normal'),
}

model ListHostsResponseBody = {
  hosts?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The address type of the host. Valid values:

*   **Public**: a public address
*   **Private**: a private address', example='Public'),
      comment?: string(name='Comment', description='The description of the host.', example='host'),
      hostAccountCount?: int32(name='HostAccountCount', description='The number of host accounts.', example='1'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      hostName?: string(name='HostName', description='The name of the host.', example='name'),
      hostPrivateAddress?: string(name='HostPrivateAddress', description='The private address of the host. The value is a domain name or an IP address.', example='192.168.XX.XX'),
      hostPublicAddress?: string(name='HostPublicAddress', description='The public address of the host. The value is a domain name or an IP address.', example='1.1.XX.XX'),
      OSType?: string(name='OSType', description='The operating system of the host. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
      source?: string(name='Source', description='The source of the host. Valid values:

*   **Local**: a host in a data center
*   **Ecs**: an ECS instance
*   **Rds**: a host in an ApsaraDB MyBase dedicated cluster', example='Local'),
      sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ECS instance or the host in an ApsaraDB MyBase dedicated cluster.

> No value is returned for this parameter if the **Source** parameter is set to **Local**.', example='i-bp19ienyt0yax748****'),
      sourceInstanceState?: string(name='SourceInstanceState', description='The status of the host. Valid values:

*   **Normal**: normal
*   **Release**: released', example='Normal'),
    }
  ](name='Hosts', description='An array that consists of the hosts returned.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of hosts returned.', example='1'),
}

model ListHostsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostsResponseBody(name='body'),
}

/**
 * @summary Queries the hosts in a bastion host.
 *
 * @param request ListHostsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostsResponse
 */
async function listHostsWithOptions(request: ListHostsRequest, runtime: Util.RuntimeOptions): ListHostsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAddress)) {
    query['HostAddress'] = request.hostAddress;
  }
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.hostName)) {
    query['HostName'] = request.hostName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.OSType)) {
    query['OSType'] = request.OSType;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceInstanceId)) {
    query['SourceInstanceId'] = request.sourceInstanceId;
  }
  if (!Util.isUnset(request.sourceInstanceState)) {
    query['SourceInstanceState'] = request.sourceInstanceState;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHosts',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the hosts in a bastion host.
 *
 * @param request ListHostsRequest
 * @return ListHostsResponse
 */
async function listHosts(request: ListHostsRequest): ListHostsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostsWithOptions(request, runtime);
}

model ListHostsForUserRequest {
  hostAddress?: string(name='HostAddress', description='The endpoint of the host that you want to query. You can set this parameter to a domain name or an IP address. Only exact match is supported.', example='192.168.XX.XX'),
  hostName?: string(name='HostName', description='The name of the host that you want to query. Only exact match is supported.', example='abc'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query the hosts that the user is authorized or not authorized to manage.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  mode?: string(name='Mode', description='Specifies the category of the hosts that you want to query. Valid values:

*   **Authorized**: queries the hosts that the user is authorized to manage. This is the default value.
*   **Unauthorized**: queries the hosts that the user is not authorized to manage.', example='Authorized'),
  OSType?: string(name='OSType', description='The operating system of the host that you want to query. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
  pageNumber?: string(name='PageNumber', description='The number of the page. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned per page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query the hosts that the user is authorized or not authorized to manage.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userId?: string(name='UserId', description='The ID of the user.

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='1'),
}

model ListHostsForUserResponseBody = {
  hosts?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The endpoint type of the host. Valid values:

*   **Public**: public endpoint
*   **Private**: internal endpoint', example='Public'),
      comment?: string(name='Comment', description='The description of the host.', example='comment'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      hostName?: string(name='HostName', description='The name of the host.', example='host01'),
      hostPrivateAddress?: string(name='HostPrivateAddress', description='The internal endpoint of the host. The value is a domain name or an IP address.', example='192.168.XX.XX'),
      hostPublicAddress?: string(name='HostPublicAddress', description='The public endpoint of the host. The value is a domain name or an IP address.', example='10.158.XX.XX'),
      OSType?: string(name='OSType', description='The operating system of the host. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
    }
  ](name='Hosts', description='The hosts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of hosts returned.', example='1'),
}

model ListHostsForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostsForUserResponseBody(name='body'),
}

/**
 * @summary Queries the hosts that a user group is authorized or not authorized to manage.
 *
 * @param request ListHostsForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostsForUserResponse
 */
async function listHostsForUserWithOptions(request: ListHostsForUserRequest, runtime: Util.RuntimeOptions): ListHostsForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAddress)) {
    query['HostAddress'] = request.hostAddress;
  }
  if (!Util.isUnset(request.hostName)) {
    query['HostName'] = request.hostName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.mode)) {
    query['Mode'] = request.mode;
  }
  if (!Util.isUnset(request.OSType)) {
    query['OSType'] = request.OSType;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostsForUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the hosts that a user group is authorized or not authorized to manage.
 *
 * @param request ListHostsForUserRequest
 * @return ListHostsForUserResponse
 */
async function listHostsForUser(request: ListHostsForUserRequest): ListHostsForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostsForUserWithOptions(request, runtime);
}

model ListHostsForUserGroupRequest {
  hostAddress?: string(name='HostAddress', description='The endpoint of the host that you want to query. You can set this parameter to a domain name or an IP address. Only exact match is supported.', example='192.168.XX.XX'),
  hostName?: string(name='HostName', description='The name of the host that you want to query. Only exact match is supported.', example='abc'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query the hosts that the user group is authorized or not authorized to manage.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  mode?: string(name='Mode', description='Specifies the category of the hosts that you want to query. Valid values:

*   **Authorized**: queries the hosts that the user group is authorized to manage. This is the default value.
*   **Unauthorized**: queries the hosts that the user group is not authorized to manage.', example='Authorized'),
  OSType?: string(name='OSType', description='The operating system of the host that you want to query. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
  pageNumber?: string(name='PageNumber', description='The number of the page. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned per page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query the hosts that the user group is authorized or not authorized to manage.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group for which you want to query hosts.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
}

model ListHostsForUserGroupResponseBody = {
  hosts?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The address type of the host. Valid values:

*   **Public**: public endpoint
*   **Private**: internal endpoint', example='Public'),
      comment?: string(name='Comment', description='The description of the host.', example='comment'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      hostName?: string(name='HostName', description='The name of the host.', example='host1'),
      hostPrivateAddress?: string(name='HostPrivateAddress', description='The internal endpoint of the host. The value is a domain name or an IP address.', example='192.168.XX.XX'),
      hostPublicAddress?: string(name='HostPublicAddress', description='The public endpoint of the host. The value is a domain name or an IP address.', example='10.158.XX.XX'),
      OSType?: string(name='OSType', description='The operating system of the host. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
    }
  ](name='Hosts', description='The hosts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of hosts returned.', example='10'),
}

model ListHostsForUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHostsForUserGroupResponseBody(name='body'),
}

/**
 * @summary Queries the hosts that a user group is authorized or not authorized to manage.
 *
 * @param request ListHostsForUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHostsForUserGroupResponse
 */
async function listHostsForUserGroupWithOptions(request: ListHostsForUserGroupRequest, runtime: Util.RuntimeOptions): ListHostsForUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAddress)) {
    query['HostAddress'] = request.hostAddress;
  }
  if (!Util.isUnset(request.hostName)) {
    query['HostName'] = request.hostName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.mode)) {
    query['Mode'] = request.mode;
  }
  if (!Util.isUnset(request.OSType)) {
    query['OSType'] = request.OSType;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHostsForUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the hosts that a user group is authorized or not authorized to manage.
 *
 * @param request ListHostsForUserGroupRequest
 * @return ListHostsForUserGroupResponse
 */
async function listHostsForUserGroup(request: ListHostsForUserGroupRequest): ListHostsForUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHostsForUserGroupWithOptions(request, runtime);
}

model ListNetworkDomainsRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-tl329pvu70x'),
  networkDomainName?: string(name='NetworkDomainName', description='The name of the network domain.'),
  networkDomainType?: string(name='NetworkDomainType', description='The connection mode of the network domain. Valid values:

*   **Direct**
*   **Proxy**', example='Proxy'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListNetworkDomainsResponseBody = {
  networkDomains?: [ 
    {
      comment?: string(name='Comment', description='The remarks of the network domain.', example='comment'),
      default?: boolean(name='Default', description='Indicates whether the network domain is built-in.

*   **true**
*   **false**', example='true'),
      networkDomainId?: string(name='NetworkDomainId', description='The network domain ID.', example='2'),
      networkDomainName?: string(name='NetworkDomainName', description='The name of the network domain.', example='test'),
      networkDomainType?: string(name='NetworkDomainType', description='The connection mode of the network domain. Valid values:

*   **Direct**
*   **Proxy**', example='Proxy'),
      proxiesState?: [ 
        {
          nodeType?: string(name='NodeType', description='The node type of the proxy server. Valid values:

*   **Master**: primary proxy server.
*   **Slave**: secondary proxy server.', example='Master'),
          proxyState?: string(name='ProxyState', description='The status of the proxy server.

*   **Available**
*   **Unavailable**', example='Available'),
        }
      ](name='ProxiesState'),
    }
  ](name='NetworkDomains', description='The network domains that are returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of network domains that are returned.', example='5'),
}

model ListNetworkDomainsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListNetworkDomainsResponseBody(name='body'),
}

/**
 * @summary Queries the network domains created in a bastion host.
 *
 * @param request ListNetworkDomainsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListNetworkDomainsResponse
 */
async function listNetworkDomainsWithOptions(request: ListNetworkDomainsRequest, runtime: Util.RuntimeOptions): ListNetworkDomainsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainName)) {
    query['NetworkDomainName'] = request.networkDomainName;
  }
  if (!Util.isUnset(request.networkDomainType)) {
    query['NetworkDomainType'] = request.networkDomainType;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListNetworkDomains',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the network domains created in a bastion host.
 *
 * @param request ListNetworkDomainsRequest
 * @return ListNetworkDomainsResponse
 */
async function listNetworkDomains(request: ListNetworkDomainsRequest): ListNetworkDomainsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listNetworkDomainsWithOptions(request, runtime);
}

model ListOperationDatabaseAccountsRequest {
  databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account. Exact match is supported.', example='test'),
  databaseId?: string(name='DatabaseId', description='The database ID.

>  You can call the [ListOperationDatabases](https://help.aliyun.com/document_detail/2758856.html) operation to query the database ID.

This parameter is required.', example='56'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-2r42t9cvf0i'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
}

model ListOperationDatabaseAccountsResponseBody = {
  databaseAccounts?: [ 
    {
      DBName?: string(name='DBName', description='The name of the PostgreSQL or Oracle database.', example='xe'),
      databaseAccountId?: string(name='DatabaseAccountId', description='The database account ID.', example='3'),
      databaseAccountName?: string(name='DatabaseAccountName', description='The name of the database account.', example='system'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='2'),
      hasPassword?: string(name='HasPassword', description='Indicates whether a password is configured for the database host account.', example='true'),
      loginAttribute?: string(name='LoginAttribute', description='The logon attribute. One of the following values is returned if the database engine is Oracle:

*   **SERVICENAME**
*   **SID**', example='SID'),
      protocolName?: string(name='ProtocolName', description='The protocol that is used by the database account.', example='MySQL'),
    }
  ](name='DatabaseAccounts', description='The database accounts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of entries returned.', example='5'),
}

model ListOperationDatabaseAccountsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListOperationDatabaseAccountsResponseBody(name='body'),
}

/**
 * @summary Queries a list of database accounts that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationDatabaseAccountsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListOperationDatabaseAccountsResponse
 */
async function listOperationDatabaseAccountsWithOptions(request: ListOperationDatabaseAccountsRequest, runtime: Util.RuntimeOptions): ListOperationDatabaseAccountsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountName)) {
    query['DatabaseAccountName'] = request.databaseAccountName;
  }
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListOperationDatabaseAccounts',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of database accounts that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationDatabaseAccountsRequest
 * @return ListOperationDatabaseAccountsResponse
 */
async function listOperationDatabaseAccounts(request: ListOperationDatabaseAccountsRequest): ListOperationDatabaseAccountsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listOperationDatabaseAccountsWithOptions(request, runtime);
}

model ListOperationDatabasesRequest {
  databaseAddress?: string(name='DatabaseAddress', description='The address of the database.', example='10.167.66.167'),
  databaseName?: string(name='DatabaseName', description='The name of the database instance. The system supports exact search.', example='aaa'),
  databaseType?: string(name='DatabaseType', description='The type of the database. Valid values:

*   **MySQL**
*   **SQLServer**
*   **Oracle**
*   **PostgreSQL**', example='MySQL'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-tl32wloo90y'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
  source?: string(name='Source', description='The source of the database instance. Valid values:

*   **Local**
*   **Rds**
*   **PolarDB**', example='Local'),
  sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ApsaraDB RDS instance. The system supports exact search.', example='i-bp19ienyt0yax748****'),
  sourceInstanceState?: string(name='SourceInstanceState', description='The instance state.

*   **Normal**
*   **RemoteRelease**', example='Normal'),
}

model ListOperationDatabasesResponseBody = {
  databases?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The address type of the database. Valid values:

*   **Public**
*   **Private**', example='Private'),
      comment?: string(name='Comment', description='The remarks of the database.', example='cpp'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='26'),
      databaseName?: string(name='DatabaseName', description='The database name.', example='zDatabase'),
      databasePort?: long(name='DatabasePort', description='The port of the database.', example='3306'),
      databasePrivateAddress?: string(name='DatabasePrivateAddress', description='The private address of the database.', example='rm-b******9b.mysql.rds.aliyuncs.com'),
      databasePublicAddress?: string(name='DatabasePublicAddress', description='The public address of the database.', example='rm-uf******p45.mysql.rds.aliyuncs.com'),
      databaseType?: string(name='DatabaseType', description='The database engine. Valid values:

*   **MySQL**
*   **PostgreSQL**
*   **Oracle**
*   **SQLServer**', example='MySQL'),
      source?: string(name='Source', description='The database type. Valid values:

*   **Local**: on-premises database.
*   **Rds**: ApsaraDB RDS instance.
*   **PolarDB**: PolarDB cluster.', example='Local'),
      sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ApsaraDB RDS instance.', example='i-wz9225bhipya******'),
      sourceInstanceRegionId?: string(name='SourceInstanceRegionId', description='The region ID of the ApsaraDB RDS instance.', example='cn-shanghai'),
      sourceInstanceState?: string(name='SourceInstanceState', description='The database status. Valid values:

*   **Normal**
*   **Release**', example='Normal'),
    }
  ](name='Databases', description='The databases returned.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of entries returned.', example='15'),
}

model ListOperationDatabasesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListOperationDatabasesResponseBody(name='body'),
}

/**
 * @summary Queries a list of databases that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationDatabasesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListOperationDatabasesResponse
 */
async function listOperationDatabasesWithOptions(request: ListOperationDatabasesRequest, runtime: Util.RuntimeOptions): ListOperationDatabasesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAddress)) {
    query['DatabaseAddress'] = request.databaseAddress;
  }
  if (!Util.isUnset(request.databaseName)) {
    query['DatabaseName'] = request.databaseName;
  }
  if (!Util.isUnset(request.databaseType)) {
    query['DatabaseType'] = request.databaseType;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceInstanceId)) {
    query['SourceInstanceId'] = request.sourceInstanceId;
  }
  if (!Util.isUnset(request.sourceInstanceState)) {
    query['SourceInstanceState'] = request.sourceInstanceState;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListOperationDatabases',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of databases that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationDatabasesRequest
 * @return ListOperationDatabasesResponse
 */
async function listOperationDatabases(request: ListOperationDatabasesRequest): ListOperationDatabasesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listOperationDatabasesWithOptions(request, runtime);
}

model ListOperationHostAccountsRequest {
  hostAccountName?: string(name='HostAccountName', description='The name of the host account to query. Only exact match is supported.', example='root'),
  hostId?: string(name='HostId', description='The ID of the host whose accounts you want to query.

>  You can call the [ListOperationHosts](https://help.aliyun.com/document_detail/2758857.html) operation to query the host ID.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListOperationHostAccountsResponseBody = {
  hostAccounts?: [ 
    {
      hasPassword?: boolean(name='HasPassword', description='Indicates whether a password is configured for the host account.

*   **true**
*   **false**', example='true'),
      hostAccountId?: string(name='HostAccountId', description='The host account ID.', example='1'),
      hostAccountName?: string(name='HostAccountName', description='The host account name.', example='root'),
      hostId?: string(name='HostId', description='The host ID.', example='１'),
      hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key that is associated with the host.', example='3'),
      privateKeyFingerprint?: string(name='PrivateKeyFingerprint', description='The fingerprint of the private key for the host account.', example='fe:ca:37:42:30:00:9d:95:e6:73:e5:b0:32:0a:**:**'),
      protocolName?: string(name='ProtocolName', description='The protocol that is used by the host account.

*   **SSH**
*   **RDP**', example='SSH'),
      SSHConfig?: {
        enableSFTPChannel?: boolean(name='EnableSFTPChannel', description='Indicates whether SFTP channels are enabled for the account.'),
        enableSSHChannel?: boolean(name='EnableSSHChannel', description='Indicates whether SSH channels are enabled for the account.'),
      }(name='SSHConfig', description='Indicates whether the Secure File Transfer Protocol (SFTP) channels or the SSH channels are enabled for the host account that uses the SSH protocol.'),
    }
  ](name='HostAccounts', description='The host accounts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of host accounts returned.', example='1'),
}

model ListOperationHostAccountsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListOperationHostAccountsResponseBody(name='body'),
}

/**
 * @summary Queries a list of host accounts that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationHostAccountsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListOperationHostAccountsResponse
 */
async function listOperationHostAccountsWithOptions(request: ListOperationHostAccountsRequest, runtime: Util.RuntimeOptions): ListOperationHostAccountsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountName)) {
    query['HostAccountName'] = request.hostAccountName;
  }
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListOperationHostAccounts',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of host accounts that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationHostAccountsRequest
 * @return ListOperationHostAccountsResponse
 */
async function listOperationHostAccounts(request: ListOperationHostAccountsRequest): ListOperationHostAccountsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listOperationHostAccountsWithOptions(request, runtime);
}

model ListOperationHostsRequest {
  hostAddress?: string(name='HostAddress', description='The address of the host that you want to query. You can set this parameter to a domain name or an IP address. Only exact match is supported.', example='10.162.172.132'),
  hostName?: string(name='HostName', description='The name of the host that you want to query. Only exact match is supported.', example='abc'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-09k22avmw0q'),
  OSType?: string(name='OSType', description='The operating system of the host that you want to query. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  source?: string(name='Source', description='The source of the host that you want to query. Valid values:

*   **Local**
*   **Ecs**', example='Local'),
  sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the Elastic Compute Service (ECS) instance. Exact match is supported.', example='i-bp19ienyt0yax748****'),
  sourceInstanceState?: string(name='SourceInstanceState', description='The status of the host that you want to query. Valid values:

*   **Normal**
*   **Release**', example='Normal'),
}

model ListOperationHostsResponseBody = {
  hosts?: [ 
    {
      activeAddressType?: string(name='ActiveAddressType', description='The address type of the host. Valid values:

*   **Public**
*   **Private**', example='Public'),
      comment?: string(name='Comment', description='The remarks of the host.', example='comment'),
      hostId?: string(name='HostId', description='The host ID.', example='1'),
      hostName?: string(name='HostName', description='The host name.', example='host1'),
      hostPrivateAddress?: string(name='HostPrivateAddress', description='The private IP address of the host.', example='192.168.XX.XX'),
      hostPublicAddress?: string(name='HostPublicAddress', description='The public IP address of the host.', example='10.158.XX.XX'),
      OSType?: string(name='OSType', description='The host OS.

*   **Linux**
*   **Windows**', example='Linux'),
      source?: string(name='Source', description='The host type. Valid values:

*   **Local**: on-premises host.
*   **Ecs**: Elastic Compute Service (ECS) instance.', example='Local'),
      sourceInstanceId?: string(name='SourceInstanceId', description='The ECS instance ID.', example='i-bp19ienyt0yax748****'),
      sourceInstanceState?: string(name='SourceInstanceState', description='The host status. Valid values:

*   **Normal**
*   **Release**', example='Normal'),
    }
  ](name='Hosts', description='The hosts returned.'),
  requestId?: string(name='RequestId', description='The request ID.', example='4F6C075F-FC86-476E-943B-097BD4E12948'),
  totalCount?: long(name='TotalCount', description='The total number of hosts returned.', example='5'),
}

model ListOperationHostsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListOperationHostsResponseBody(name='body'),
}

/**
 * @summary Queries a list of hosts that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationHostsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListOperationHostsResponse
 */
async function listOperationHostsWithOptions(request: ListOperationHostsRequest, runtime: Util.RuntimeOptions): ListOperationHostsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAddress)) {
    query['HostAddress'] = request.hostAddress;
  }
  if (!Util.isUnset(request.hostName)) {
    query['HostName'] = request.hostName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.OSType)) {
    query['OSType'] = request.OSType;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceInstanceId)) {
    query['SourceInstanceId'] = request.sourceInstanceId;
  }
  if (!Util.isUnset(request.sourceInstanceState)) {
    query['SourceInstanceState'] = request.sourceInstanceState;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListOperationHosts',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of hosts that the current Resource Access Management (RAM) user is authorized to manage.
 *
 * @param request ListOperationHostsRequest
 * @return ListOperationHostsResponse
 */
async function listOperationHosts(request: ListOperationHostsRequest): ListOperationHostsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listOperationHostsWithOptions(request, runtime);
}

model ListOperationTicketsRequest {
  assetAddress?: string(name='AssetAddress', description='The IP address of the asset that is contained in the O\\\\&M application to be reviewed.', example='10.167.XX.XX'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Maximum value: 1000. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListOperationTicketsResponseBody = {
  operationTickets?: [ 
    {
      applyUserId?: string(name='ApplyUserId', description='The ID of the O\\\\&M applicant.', example='1'),
      applyUsername?: string(name='ApplyUsername', description='The username of the O\\\\&M applicant.', example='test'),
      approveComment?: string(name='ApproveComment', description='The remarks entered when the O\\\\&M personnel applies for O\\\\&M permissions.', example='Apply for O\\\\&M'),
      assetAccountId?: string(name='AssetAccountId', description='The ID of the asset account.', example='1'),
      assetAccountName?: string(name='AssetAccountName', description='The username of the asset account.', example='root'),
      assetAddress?: string(name='AssetAddress', description='The IP address of the asset.', example='10.167.XX.XX'),
      assetId?: string(name='AssetId', description='The ID of the asset.', example='2'),
      assetName?: string(name='AssetName', description='The name of the asset.', example='poros-test'),
      assetNetworkDomainId?: string(name='AssetNetworkDomainId', description='The network domain ID of the asset.', example='2'),
      assetOs?: string(name='AssetOs', description='The operating system of the asset.', example='Linux'),
      assetSource?: string(name='AssetSource', description='The name of the asset source to which the asset belongs. Valid values:

*   **Local**: an on-premises host.
*   **Ecs**: an Elastic Compute Service (ECS) instance.
*   **Rds**: an ApsaraDB RDS instance.
*   A third-party asset source.', example='Local'),
      assetSourceInstanceId?: string(name='AssetSourceInstanceId', description='The ID of the asset source to which the asset belongs.', example='1'),
      createdTime?: long(name='CreatedTime', description='The time when the O\\\\&M application was submitted. The value is a UNIX timestamp. Unit: seconds.', example='1669965908'),
      effectCount?: int32(name='EffectCount', description='The maximum number of logons applied by the O\\\\&M engineer. Valid values:

*   **0**: The number of logons is unlimited. The O\\\\&M engineer can log on to the specified asset for unlimited times during the validity period.
*   **1**: The O\\\\&M engineer can log on to the specified asset only once during the validity period.', example='0'),
      effectEndTime?: int32(name='EffectEndTime', description='The end time of the validity period. The value is a UNIX timestamp. Unit: seconds.', example='1679393152'),
      effectStartTime?: int32(name='EffectStartTime', description='The start time of the validity period. The value is a UNIX timestamp. Unit: seconds.', example='1685600242'),
      operationTicketId?: string(name='OperationTicketId', description='The ID of the O\\\\&M application to be reviewed.', example='1'),
      protocolName?: string(name='ProtocolName', description='The O\\\\&M protocol.', example='SSH'),
      state?: string(name='State', description='The status of the review. Valid value:

*   Normal: to be reviewed', example='Normal'),
    }
  ](name='OperationTickets', description='The O\\\\&M applications to be reviewed.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of O\\\\&M applications to be reviewed.', example='20'),
}

model ListOperationTicketsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListOperationTicketsResponseBody(name='body'),
}

/**
 * @summary Queries O\\\\\\\\\\\\&M applications to be reviewed.
 *
 * @description You can call this operation to query the O\\&M applications to be reviewed by a Bastionhost administrator.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ListOperationTicketsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListOperationTicketsResponse
 */
async function listOperationTicketsWithOptions(request: ListOperationTicketsRequest, runtime: Util.RuntimeOptions): ListOperationTicketsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.assetAddress)) {
    query['AssetAddress'] = request.assetAddress;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListOperationTickets',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries O\\\\\\\\\\\\&M applications to be reviewed.
 *
 * @description You can call this operation to query the O\\&M applications to be reviewed by a Bastionhost administrator.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ListOperationTicketsRequest
 * @return ListOperationTicketsResponse
 */
async function listOperationTickets(request: ListOperationTicketsRequest): ListOperationTicketsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listOperationTicketsWithOptions(request, runtime);
}

model ListPoliciesRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-5yd393wzk08'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  policyName?: string(name='PolicyName', description='The name of the control policy to query. Only exact match is supported.', example='123'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ListPoliciesResponseBody = {
  policies?: [ 
    {
      comment?: string(name='Comment', description='The remarks of the control policy.'),
      policyId?: string(name='PolicyId', description='The control policy ID.', example='2'),
      policyName?: string(name='PolicyName', description='The name of the control policy.', example='test'),
      priority?: long(name='Priority', description='The priority of the control policy. A smaller value indicates a higher priority.', example='1'),
    }
  ](name='Policies', description='The control policies.'),
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of control policies that are returned.', example='10'),
}

model ListPoliciesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPoliciesResponseBody(name='body'),
}

/**
 * @summary Queries a list of control policies.
 *
 * @param request ListPoliciesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPoliciesResponse
 */
async function listPoliciesWithOptions(request: ListPoliciesRequest, runtime: Util.RuntimeOptions): ListPoliciesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPolicies',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of control policies.
 *
 * @param request ListPoliciesRequest
 * @return ListPoliciesResponse
 */
async function listPolicies(request: ListPoliciesRequest): ListPoliciesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPoliciesWithOptions(request, runtime);
}

model ListRulesRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-5yd34ol020a'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  ruleName?: string(name='RuleName', description='The name of the authorization rule to query. Only exact match is supported.', example='rule'),
  ruleState?: string(name='RuleState', description='The state of the authorization rule to query.

*   **Enabled**
*   **Disabled**', example='Enabled'),
}

model ListRulesResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  rules?: [ 
    {
      comment?: string(name='Comment', description='The remarks of the authorization rule.', example='comment'),
      effectiveEndTime?: long(name='EffectiveEndTime', description='The end time of the validity period of the authorization rule. The value is a timestamp. Unit: seconds.', example='1709258400'),
      effectiveStartTime?: long(name='EffectiveStartTime', description='The start time of the validity period of the authorization rule. The value is a timestamp. Unit: seconds.', example='1685499134'),
      ruleId?: string(name='RuleId', description='The authorization rule ID.', example='13'),
      ruleName?: string(name='RuleName', description='The name of the authorization rule.', example='rule'),
      ruleState?: string(name='RuleState', description='The state of the authorization rule.

*   **Enabled**
*   **Disabled**', example='Enabled'),
    }
  ](name='Rules', description='The authorization rules that are returned.'),
  totalCount?: long(name='TotalCount', description='The total number of authorization rules that are returned.', example='1'),
}

model ListRulesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListRulesResponseBody(name='body'),
}

/**
 * @summary Queries a list of authorization rules of a bastion host.
 *
 * @param request ListRulesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListRulesResponse
 */
async function listRulesWithOptions(request: ListRulesRequest, runtime: Util.RuntimeOptions): ListRulesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ruleName)) {
    query['RuleName'] = request.ruleName;
  }
  if (!Util.isUnset(request.ruleState)) {
    query['RuleState'] = request.ruleState;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListRules',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of authorization rules of a bastion host.
 *
 * @param request ListRulesRequest
 * @return ListRulesResponse
 */
async function listRules(request: ListRulesRequest): ListRulesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listRulesWithOptions(request, runtime);
}

model ListTagKeysRequest {
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.', example='10'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

This parameter is required.', example='cn-hangzhou'),
  resourceGroupId?: string(name='ResourceGroupId'),
  resourceType?: string(name='ResourceType', description='The type of the resource.

Set the value to INSTANCE, which indicates that the resource is a bastion host.

This parameter is required.', example='INSTANCE'),
}

model ListTagKeysResponseBody = {
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='50177258-E817-4D2F-A5C6-3FD7BC4806E3'),
  tagKeys?: [ 
    {
      tagCount?: int32(name='TagCount', description='The total number of tag keys.', example='2'),
      tagKey?: string(name='TagKey', description='The name of the tag key.', example='key2'),
    }
  ](name='TagKeys', description='An array that consists of tags.'),
  totalCount?: int32(name='TotalCount', description='The total number of tags returned.', example='5'),
}

model ListTagKeysResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListTagKeysResponseBody(name='body'),
}

/**
 * @summary Queries the tags that are added to a resource.
 *
 * @param request ListTagKeysRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListTagKeysResponse
 */
async function listTagKeysWithOptions(request: ListTagKeysRequest, runtime: Util.RuntimeOptions): ListTagKeysResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListTagKeys',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the tags that are added to a resource.
 *
 * @param request ListTagKeysRequest
 * @return ListTagKeysResponse
 */
async function listTagKeys(request: ListTagKeysRequest): ListTagKeysResponse {
  var runtime = new Util.RuntimeOptions{};
  return listTagKeysWithOptions(request, runtime);
}

model ListTagResourcesRequest {
  nextToken?: string(name='NextToken', description='The token for starting the next query.', example='6EwFJmScBXFFC3nf.9Rq7HzA7APx7GWLbkZbjHrR6Pq39w'),
  regionId?: string(name='RegionId', description='The region ID of the Bastionhost instance.

This parameter is required.', example='cn-hangzhou'),
  resourceGroupId?: string(name='ResourceGroupId'),
  resourceId?: [ string ](name='ResourceId', description='The IDs of instances.', example='bastionhost-cn-78v1gcxxxxx'),
  resourceType?: string(name='ResourceType', description='The type of the resource.

Set the value to INSTANCE, which indicates that the resource is a Bastionhost instance.

This parameter is required.', example='INSTANCE'),
  tag?: [ 
    {
      key?: string(name='Key', description='The key of tag N.

Valid values of N: 1 to 20.', example='test'),
      value?: string(name='Value', description='The value of tag N.

Valid values of N: 1 to 20.', example='testapi'),
    }
  ](name='Tag', description='The tags.'),
}

model ListTagResourcesResponseBody = {
  nextToken?: string(name='NextToken', description='The token for starting the next query.', example='4ieSWJCwxvW3dk3wF.BqkrZmP72nWu5zJ5NWydMqyEs****'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='134D6018-EB68-4B7C-BABF-4DB09023E014'),
  tagResources?: [ 
    {
      resourceId?: string(name='ResourceId', description='The ID of the instance.', example='bastionhost-cn-78v1gc****'),
      resourceType?: string(name='ResourceType', description='The type of the resource.

The returned value is INSTANCE, which indicates that the resource is a Bastionhost instance.', example='INSTANCE'),
      tagKey?: string(name='TagKey', description='The key of the tag.', example='test'),
      tagValue?: string(name='TagValue', description='The value of the tag.', example='testapi'),
    }
  ](name='TagResources', description='The information about Bastionhost instances and the tags bound to Bastionhost instances.

The following information is included: instance ID, resource type, tag key, and tag value.'),
}

model ListTagResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListTagResourcesResponseBody(name='body'),
}

/**
 * @summary Queries the tags bound to one or more Bastionhost instances.
 *
 * @param request ListTagResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListTagResourcesResponse
 */
async function listTagResourcesWithOptions(request: ListTagResourcesRequest, runtime: Util.RuntimeOptions): ListTagResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.nextToken)) {
    query['NextToken'] = request.nextToken;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListTagResources',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the tags bound to one or more Bastionhost instances.
 *
 * @param request ListTagResourcesRequest
 * @return ListTagResourcesResponse
 */
async function listTagResources(request: ListTagResourcesRequest): ListTagResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listTagResourcesWithOptions(request, runtime);
}

model ListUserGroupsRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query user groups.
 >You can call the [DescribeInstances ](https://help.aliyun.com/document_detail/462953.html)operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query user groups.
> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/462924.html).', example='cn-hangzhou'),
  userGroupName?: string(name='UserGroupName', description='The name of the user group that you want to query. Only exact match is supported.', example='TestGroup01'),
}

model ListUserGroupsResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of user groups returned.', example='1'),
  userGroups?: [ 
    {
      comment?: string(name='Comment', description='The description of the user group.', example='comment'),
      memberCount?: int32(name='MemberCount', description='The number of users in the user group.', example='5'),
      userGroupId?: string(name='UserGroupId', description='The ID of the user group.', example='1'),
      userGroupName?: string(name='UserGroupName', description='The name of the user group.', example='TestGroup01'),
    }
  ](name='UserGroups', description='The user groups returned.'),
}

model ListUserGroupsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListUserGroupsResponseBody(name='body'),
}

/**
 * @summary Queries a list of user groups on a bastion host.
 *
 * @param request ListUserGroupsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListUserGroupsResponse
 */
async function listUserGroupsWithOptions(request: ListUserGroupsRequest, runtime: Util.RuntimeOptions): ListUserGroupsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupName)) {
    query['UserGroupName'] = request.userGroupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListUserGroups',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of user groups on a bastion host.
 *
 * @param request ListUserGroupsRequest
 * @return ListUserGroupsResponse
 */
async function listUserGroups(request: ListUserGroupsRequest): ListUserGroupsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listUserGroupsWithOptions(request, runtime);
}

model ListUserPublicKeysRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to query all public keys of the user.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  pageNumber?: string(name='PageNumber', description='The number of the page to return. Default value: 1.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.\\\\
Maximum value: 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

> We recommend that you do not leave this parameter empty.', example='50'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to query all public keys of the user.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-shanghai'),
  userId?: string(name='UserId', description='The ID of the user whose public keys you want to query.', example='2'),
}

model ListUserPublicKeysResponseBody = {
  publicKeys?: [ 
    {
      comment?: string(name='Comment', description='The description of the public key.', example='comment'),
      fingerPrint?: string(name='FingerPrint', description='The fingerprint of the public key.', example='d8:7d:b6:27:70:2d:07:fb:c6:b6:66:0a:86:7b:0f:9a'),
      publicKeyId?: string(name='PublicKeyId', description='The ID of the public key.', example='1'),
      publicKeyName?: string(name='PublicKeyName', description='The name of the public key.', example='Keyname'),
      userId?: string(name='UserId', description='The ID of the user to which the public key belongs.', example='1'),
    }
  ](name='PublicKeys', description='An array that consists of the public keys of the user.'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: long(name='TotalCount', description='The total number of public keys.', example='5'),
}

model ListUserPublicKeysResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListUserPublicKeysResponseBody(name='body'),
}

/**
 * @summary Queries all public keys of the specified user.
 *
 * @param request ListUserPublicKeysRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListUserPublicKeysResponse
 */
async function listUserPublicKeysWithOptions(request: ListUserPublicKeysRequest, runtime: Util.RuntimeOptions): ListUserPublicKeysResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListUserPublicKeys',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries all public keys of the specified user.
 *
 * @param request ListUserPublicKeysRequest
 * @return ListUserPublicKeysResponse
 */
async function listUserPublicKeys(request: ListUserPublicKeysRequest): ListUserPublicKeysResponse {
  var runtime = new Util.RuntimeOptions{};
  return listUserPublicKeysWithOptions(request, runtime);
}

model ListUsersRequest {
  displayName?: string(name='DisplayName', description='The display name of the user that you want to query. Only exact match is supported.', example='abc'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose users you want to query.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  mobile?: string(name='Mobile', description='The mobile phone number of the user that you want to query. Only exact match is supported.', example='1359999****'),
  pageNumber?: string(name='PageNumber', description='The page number. Default value: **1**.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.\\\\
Valid values: 1 to 100. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

>  We recommend that you do not leave this parameter empty.', example='20'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose users you want to query.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  source?: string(name='Source', description='The type of the user that you want to query. Valid values:

*   **Local**: a local user.
*   **Ram**: a Resource Access Management (RAM) user.
*   **AD**: an Active Directory (AD)-authenticated user.
*   **LDAP**: a Lightweight Directory Access Protocol (LDAP)-authenticated user.', example='Local'),
  sourceUserId?: string(name='SourceUserId', description='The unique ID of the user that you want to query. Only exact match is supported.

>  This parameter uniquely identifies a RAM user of the bastion host. This parameter is valid if **Source** is set to **Ram**. You can call the [ListUsers](https://help.aliyun.com/document_detail/28684.html) operation in RAM to obtain the unique ID of the user from the **UserId** response parameter.', example='122748924538****'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group to which the user you want to query belongs.

>  You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the user group ID.', example='1'),
  userName?: string(name='UserName', description='The logon name of the user that you want to query. Only exact match is supported.', example='abc'),
  userState?: string(name='UserState', description='The state of the user that you want to query. Valid values:

*   **Normal**: The user is in normal state.
*   **Frozen**: The user is locked.
*   **Expired**: The user has expired.', example='Normal'),
}

model ListUsersResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  totalCount?: int32(name='TotalCount', description='The total number of users returned.', example='1'),
  users?: [ 
    {
      comment?: string(name='Comment', description='The remarks of the user.', example='comment'),
      displayName?: string(name='DisplayName', description='The display name of the user.', example='Bob'),
      effectiveEndTime?: long(name='EffectiveEndTime', description='The end time of the validity period of the user. The value is a UNIX timestamp. Unit: seconds.', example='1672502400'),
      effectiveStartTime?: long(name='EffectiveStartTime', description='The start time of the validity period of the user. The value is a UNIX timestamp. Unit: seconds.', example='1669630029'),
      email?: string(name='Email', description='The email address of the user.', example='1099**@qq.com'),
      language?: string(name='Language', description='This parameter is required if LanguageStatus is set to Custom. Valid values:

*   **zh-cn**: simplified Chinese.
*   **en**: English.', example='en'),
      languageStatus?: string(name='LanguageStatus', description='Indicates whether notifications are sent in the language specified in the global settings or a custom language.

*   **Global**
*   **Custom**', example='Custom'),
      mobile?: string(name='Mobile', description='The mobile phone number of the user.', example='1359999****'),
      mobileCountryCode?: string(name='MobileCountryCode', description='The location where the mobile phone number of the user is registered. Valid values:

*   **CN**: the Chinese mainland, whose international dialing code is +86.
*   **HK**: Hong Kong (China), whose international dialing code is +852.
*   **MO**: Macao (China), whose international dialing code is +853.
*   **TW**: Taiwan (China), whose international dialing code is +886.
*   **RU**: Russia, whose international dialing code is +7.
*   **SG**: Singapore, whose international dialing code is +65.
*   **MY**: Malaysia, whose international dialing code is +60.
*   **ID**: Indonesia, whose international dialing code is +62.
*   **DE**: Germany, whose international dialing code is +49.
*   **AU**: Australia, whose international dialing code is +61.
*   **US**: US, whose international dialing code is +1.
*   **AE**: United Arab Emirates, whose international dialing code is +971.
*   **JP:** Japan, whose international dialing code is +81.
*   **GB**: UK, whose international dialing code is +44.
*   **IN**: India, whose international dialing code is +91.
*   **KR**: Republic of Korea, whose international dialing code is +82.
*   **PH**: Philippines, whose international dialing code is +63.
*   **CH**: Switzerland, whose international dialing code is +41.
*   **SE**: Sweden, whose international dialing code is +46.', example='CN'),
      needResetPassword?: boolean(name='NeedResetPassword', description='Indicates whether password reset is required upon the next logon. Valid values:

*   **true**
*   **false**', example='true'),
      source?: string(name='Source', description='The type of the user. Valid values:

*   **Local**: a local user.
*   **Ram**: a RAM user.
*   **AD**: an AD-authenticated user.
*   **LDAP**: an LDAP-authenticated user.', example='Local'),
      sourceUserId?: string(name='SourceUserId', description='The unique ID of the user.

>  This parameter uniquely identifies a RAM user of the bastion host. A value is returned for this parameter if **Source** is set to **Ram**. No value is returned for this parameter if **Source** is set to **Local**.', example='122748924538****'),
      twoFactorMethods?: [ string ](name='TwoFactorMethods', description='An array of the enabled two-factor authentication methods.'),
      twoFactorStatus?: string(name='TwoFactorStatus', description='Indicates whether two-factor authentication is enabled for the user. Valid values:

*   **Global**: The global setting applies.
*   **Disable**: Two-factor authentication is disabled.
*   **Enable**: Two-factor authentication is enabled. The user-specific setting for the authentication method applies.', example='Enable'),
      userId?: string(name='UserId', description='The user ID.', example='1'),
      userName?: string(name='UserName', description='The logon name of the user.', example='abc_def'),
      userState?: [ string ](name='UserState', description='An array that lists the states of users.'),
    }
  ](name='Users', description='The users returned.'),
}

model ListUsersResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListUsersResponseBody(name='body'),
}

/**
 * @summary Queries a list of users of a bastion host.
 *
 * @param request ListUsersRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListUsersResponse
 */
async function listUsersWithOptions(request: ListUsersRequest, runtime: Util.RuntimeOptions): ListUsersResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.mobile)) {
    query['Mobile'] = request.mobile;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceUserId)) {
    query['SourceUserId'] = request.sourceUserId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  if (!Util.isUnset(request.userState)) {
    query['UserState'] = request.userState;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListUsers',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of users of a bastion host.
 *
 * @param request ListUsersRequest
 * @return ListUsersResponse
 */
async function listUsers(request: ListUsersRequest): ListUsersResponse {
  var runtime = new Util.RuntimeOptions{};
  return listUsersWithOptions(request, runtime);
}

model LockUsersRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the users to be locked belong.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the users to be locked belong.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userIds?: string(name='UserIds', description='The ID of the user to be locked. The value is a JSON string. You can add up to 100 user IDs. If you specify multiple IDs, separate the IDs with commas (,).

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='["1","2","3"]'),
}

model LockUsersResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.

*   **UNEXPECTED**: An unknown error occurred.

*   **INVALID_ARGUMENT**: A request parameter is invalid.

>Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.

>Check whether the specified ID of the bastion host exists, whether the specified hosts exist, and whether the specified host IDs are valid. Then, call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      message?: string(name='Message', description='This parameter is deprecated.', example='N/A'),
      userId?: string(name='UserId', description='The ID of the user.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model LockUsersResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: LockUsersResponseBody(name='body'),
}

/**
 * @summary Locks one or more users of a bastion host.
 *
 * @description # Description
 * You can call this operation to lock one or more users of a bastion host. If a user does not need to use a bastion host to perform O\\&M operations within a specific period of time, you can lock the user. The locked user can no longer log on to or perform O\\&M operations on the hosts on which the user is granted permissions. If you want to unlock the user later, you can call the [UnlockUsers](https://help.aliyun.com/document_detail/204590.html) operation.
 * # Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request LockUsersRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return LockUsersResponse
 */
async function lockUsersWithOptions(request: LockUsersRequest, runtime: Util.RuntimeOptions): LockUsersResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userIds)) {
    query['UserIds'] = request.userIds;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'LockUsers',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Locks one or more users of a bastion host.
 *
 * @description # Description
 * You can call this operation to lock one or more users of a bastion host. If a user does not need to use a bastion host to perform O\\&M operations within a specific period of time, you can lock the user. The locked user can no longer log on to or perform O\\&M operations on the hosts on which the user is granted permissions. If you want to unlock the user later, you can call the [UnlockUsers](https://help.aliyun.com/document_detail/204590.html) operation.
 * # Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request LockUsersRequest
 * @return LockUsersResponse
 */
async function lockUsers(request: LockUsersRequest): LockUsersResponse {
  var runtime = new Util.RuntimeOptions{};
  return lockUsersWithOptions(request, runtime);
}

model ModifyDatabaseRequest {
  activeAddressType?: string(name='ActiveAddressType', description='The new address type of the database. Valid values:

*   **Public**
*   **Private**', example='Public'),
  comment?: string(name='Comment', description='The new remarks of the database.', example='tttttttt'),
  databaseId?: string(name='DatabaseId', description='The ID of the database to modify.

This parameter is required.', example='11'),
  databaseName?: string(name='DatabaseName', description='The new name of the database.', example='pgsql'),
  databasePort?: string(name='DatabasePort', description='The new port of the database.', example='5433'),
  databasePrivateAddress?: string(name='DatabasePrivateAddress', description='The new internal address of the database. Specify an IPv4 address or a domain name.', example='pc-bp169******'),
  databasePublicAddress?: string(name='DatabasePublicAddress', description='The new public address of the database. Specify an IPv4 address or a domain name.', example='pgm-uf6c******'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host that manages the database to modify.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-72137xe5n01'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the new network domain for the database.

>  You can call the [ListNetworkDomains](https://help.aliyun.com/document_detail/2758827.html) operation to query the network domain ID.', example='2'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host that manages the database to modify.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  sourceInstanceId?: string(name='SourceInstanceId', description='The ID of the ApsaraDB for RDS instance or PolarDB cluster to modify.

> This parameter is required if **Source** is set to **Rds** or **PolarDB**.', example='i-wz99nexqd62z3bvuvpz5'),
}

model ModifyDatabaseResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='162088A7-7D47-56A3-9D04-93DE7B6DBE1C'),
}

model ModifyDatabaseResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyDatabaseResponseBody(name='body'),
}

/**
 * @summary Modifies the basic information about a database.
 *
 * @param request ModifyDatabaseRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyDatabaseResponse
 */
async function modifyDatabaseWithOptions(request: ModifyDatabaseRequest, runtime: Util.RuntimeOptions): ModifyDatabaseResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.activeAddressType)) {
    query['ActiveAddressType'] = request.activeAddressType;
  }
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.databaseId)) {
    query['DatabaseId'] = request.databaseId;
  }
  if (!Util.isUnset(request.databaseName)) {
    query['DatabaseName'] = request.databaseName;
  }
  if (!Util.isUnset(request.databasePort)) {
    query['DatabasePort'] = request.databasePort;
  }
  if (!Util.isUnset(request.databasePrivateAddress)) {
    query['DatabasePrivateAddress'] = request.databasePrivateAddress;
  }
  if (!Util.isUnset(request.databasePublicAddress)) {
    query['DatabasePublicAddress'] = request.databasePublicAddress;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.sourceInstanceId)) {
    query['SourceInstanceId'] = request.sourceInstanceId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyDatabase',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the basic information about a database.
 *
 * @param request ModifyDatabaseRequest
 * @return ModifyDatabaseResponse
 */
async function modifyDatabase(request: ModifyDatabaseRequest): ModifyDatabaseResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyDatabaseWithOptions(request, runtime);
}

model ModifyDatabaseAccountRequest {
  databaseAccountId?: string(name='DatabaseAccountId', description='The ID of the database account to modify.

>  You can call the [ListDatabaseAccounts](https://help.aliyun.com/document_detail/2758839.html) operation to query the database account ID.

This parameter is required.', example='2'),
  databaseAccountName?: string(name='DatabaseAccountName', description='The new username of the database account. The username can be up to 128 characters in length.', example='aaa'),
  databaseSchema?: string(name='DatabaseSchema', description='The new name of the database. This parameter is required if the database engine is PostgreSQL or Oracle.', example='orcl'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host that manages the database account to modify.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-zpr2zyqx603'),
  password?: string(name='Password', description='The new password of the database account.', example='14SZ!******'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host that manages the database account to modify.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyDatabaseAccountResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='850FA4B4-5BD2-5269-903E-3B7E07E6C975'),
}

model ModifyDatabaseAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyDatabaseAccountResponseBody(name='body'),
}

/**
 * @summary Modifies the basic information about a database account.
 *
 * @param request ModifyDatabaseAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyDatabaseAccountResponse
 */
async function modifyDatabaseAccountWithOptions(request: ModifyDatabaseAccountRequest, runtime: Util.RuntimeOptions): ModifyDatabaseAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseAccountId)) {
    query['DatabaseAccountId'] = request.databaseAccountId;
  }
  if (!Util.isUnset(request.databaseAccountName)) {
    query['DatabaseAccountName'] = request.databaseAccountName;
  }
  if (!Util.isUnset(request.databaseSchema)) {
    query['DatabaseSchema'] = request.databaseSchema;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyDatabaseAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the basic information about a database account.
 *
 * @param request ModifyDatabaseAccountRequest
 * @return ModifyDatabaseAccountResponse
 */
async function modifyDatabaseAccount(request: ModifyDatabaseAccountRequest): ModifyDatabaseAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyDatabaseAccountWithOptions(request, runtime);
}

model ModifyHostRequest {
  comment?: string(name='Comment', description='The new description of the host. The description can be up to 500 characters in length.', example='Host for test.'),
  hostId?: string(name='HostId', description='The ID of the host.

> You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='1'),
  hostName?: string(name='HostName', description='The new name of the host. The name can be up to 128 characters.', example='TestHost'),
  hostPrivateAddress?: string(name='HostPrivateAddress', description='The new internal endpoint of the host. You can set this parameter to a domain name or an IP address.', example='193.168.XX.XX'),
  hostPublicAddress?: string(name='HostPublicAddress', description='The new public endpoint of the host. You can set this parameter to a domain name or an IP address.', example='200.1.XX.XX'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to modify the information about the host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the new network domain to which the host belongs.

> You can call the [ListNetworkDomains](https://help.aliyun.com/document_detail/2758827.html) operation to query the network domain ID.', example='1'),
  OSType?: string(name='OSType', description='The new operating system of the host. Valid values:

*   **Linux**
*   **Windows**', example='Linux'),
  prefKex?: string(name='PrefKex'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to modify the information about the host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyHostResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ModifyHostResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyHostResponseBody(name='body'),
}

/**
 * @summary Modifies information about a host. The information includes the address, name, and description of the host and the operating system that the host runs.
 *
 * @description You can call the ModifyHost operation to modify the basic information about a host in a data center, an Elastic Compute Service (ECS) instance, or a host in an ApsaraDB MyBase dedicated cluster.
 * > The basic information about ECS instances and hosts in ApsaraDB MyBase dedicated clusters within your Alibaba Cloud account is synchronized to Bastionhost on a regular basis. After you modify the basic information about an ECS instance or a host in an ApsaraDB MyBase dedicated cluster, the modification result may be overwritten by the synchronized information.
 *
 * @param request ModifyHostRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyHostResponse
 */
async function modifyHostWithOptions(request: ModifyHostRequest, runtime: Util.RuntimeOptions): ModifyHostResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.hostId)) {
    query['HostId'] = request.hostId;
  }
  if (!Util.isUnset(request.hostName)) {
    query['HostName'] = request.hostName;
  }
  if (!Util.isUnset(request.hostPrivateAddress)) {
    query['HostPrivateAddress'] = request.hostPrivateAddress;
  }
  if (!Util.isUnset(request.hostPublicAddress)) {
    query['HostPublicAddress'] = request.hostPublicAddress;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.OSType)) {
    query['OSType'] = request.OSType;
  }
  if (!Util.isUnset(request.prefKex)) {
    query['PrefKex'] = request.prefKex;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyHost',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies information about a host. The information includes the address, name, and description of the host and the operating system that the host runs.
 *
 * @description You can call the ModifyHost operation to modify the basic information about a host in a data center, an Elastic Compute Service (ECS) instance, or a host in an ApsaraDB MyBase dedicated cluster.
 * > The basic information about ECS instances and hosts in ApsaraDB MyBase dedicated clusters within your Alibaba Cloud account is synchronized to Bastionhost on a regular basis. After you modify the basic information about an ECS instance or a host in an ApsaraDB MyBase dedicated cluster, the modification result may be overwritten by the synchronized information.
 *
 * @param request ModifyHostRequest
 * @return ModifyHostResponse
 */
async function modifyHost(request: ModifyHostRequest): ModifyHostResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyHostWithOptions(request, runtime);
}

model ModifyHostAccountRequest {
  hostAccountId?: string(name='HostAccountId', description='The ID of the host account whose information you want to modify.

> You can call the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the ID of the host account.

This parameter is required.', example='1'),
  hostAccountName?: string(name='HostAccountName', description='The new name of the host account. The name can be up to 128 characters in length.', example='abc'),
  hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key that is associated with the host.

>  You can call the [ListHostShareKeys](https://help.aliyun.com/document_detail/462973.html) operation to query the shared key ID.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to modify the information about the host account.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  passPhrase?: string(name='PassPhrase', description='The passphrase for the new private key of the host account.

>  This parameter is valid only if the protocol used by the host is SSH. You do not need to configure this parameter if the protocol used by the host is Remote Desktop Protocol (RDP).', example='****'),
  password?: string(name='Password', description='The new password of the host account.', example='****'),
  privateKey?: string(name='PrivateKey', description='The new private key of the host account. Specify a Base64-encoded string.

>  This parameter takes effect only if the protocol used by the host is SSH. You do not need to configure this parameter if the protocol used by the host is Remote Desktop Protocol (RDP). You can call the [GetHostAccount](https://help.aliyun.com/document_detail/204391.html) operation to query the protocol used by the host. You can configure a password and a private key for the host account at the same time. If both a password and a private key are configured for the host account, Bastionhost preferentially uses the private key for logon.', example='****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to query the details of the host account.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyHostAccountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ModifyHostAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyHostAccountResponseBody(name='body'),
}

/**
 * @summary Modifies the information about a host account, such as the username, password, and private key of the host account.
 *
 * @param request ModifyHostAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyHostAccountResponse
 */
async function modifyHostAccountWithOptions(request: ModifyHostAccountRequest, runtime: Util.RuntimeOptions): ModifyHostAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostAccountId)) {
    query['HostAccountId'] = request.hostAccountId;
  }
  if (!Util.isUnset(request.hostAccountName)) {
    query['HostAccountName'] = request.hostAccountName;
  }
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.passPhrase)) {
    query['PassPhrase'] = request.passPhrase;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.privateKey)) {
    query['PrivateKey'] = request.privateKey;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyHostAccount',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the information about a host account, such as the username, password, and private key of the host account.
 *
 * @param request ModifyHostAccountRequest
 * @return ModifyHostAccountResponse
 */
async function modifyHostAccount(request: ModifyHostAccountRequest): ModifyHostAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyHostAccountWithOptions(request, runtime);
}

model ModifyHostGroupRequest {
  comment?: string(name='Comment', description='The new remarks of the asset group. The remarks can be up to 500 characters in length.', example='comment'),
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group that you want to modify.

>  You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the ID of the host group.

This parameter is required.', example='1'),
  hostGroupName?: string(name='HostGroupName', description='The new name of the asset group. The name can be up to 128 characters in length.', example='Group01'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose asset group you want to modify.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose asset group you want to modify.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyHostGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ModifyHostGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyHostGroupResponseBody(name='body'),
}

/**
 * @summary Modifies the name or description of the specified host group.
 *
 * @param request ModifyHostGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyHostGroupResponse
 */
async function modifyHostGroupWithOptions(request: ModifyHostGroupRequest, runtime: Util.RuntimeOptions): ModifyHostGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.hostGroupName)) {
    query['HostGroupName'] = request.hostGroupName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyHostGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the name or description of the specified host group.
 *
 * @param request ModifyHostGroupRequest
 * @return ModifyHostGroupResponse
 */
async function modifyHostGroup(request: ModifyHostGroupRequest): ModifyHostGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyHostGroupWithOptions(request, runtime);
}

model ModifyHostShareKeyRequest {
  hostShareKeyId?: string(name='HostShareKeyId', description='The ID of the shared key whose information you want to modify.

This parameter is required.', example='10247'),
  hostShareKeyName?: string(name='HostShareKeyName', description='The name of the shared key.', example='name'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  passPhrase?: string(name='PassPhrase', description='The password of the private key. Specify a Base64-encoded string.', example='****'),
  privateKey?: string(name='PrivateKey', description='The private key. Specify a Base64-encoded string.

>  Only Rivest-Shamir-Adleman (RSA) keys that are generated by using the ssh-keygen command and keys that are generated by using the Ed25519 algorithm are supported.', example='****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyHostShareKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ModifyHostShareKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyHostShareKeyResponseBody(name='body'),
}

/**
 * @summary Modifies a shared key.
 *
 * @param request ModifyHostShareKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyHostShareKeyResponse
 */
async function modifyHostShareKeyWithOptions(request: ModifyHostShareKeyRequest, runtime: Util.RuntimeOptions): ModifyHostShareKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostShareKeyId)) {
    query['HostShareKeyId'] = request.hostShareKeyId;
  }
  if (!Util.isUnset(request.hostShareKeyName)) {
    query['HostShareKeyName'] = request.hostShareKeyName;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.passPhrase)) {
    query['PassPhrase'] = request.passPhrase;
  }
  if (!Util.isUnset(request.privateKey)) {
    query['PrivateKey'] = request.privateKey;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyHostShareKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies a shared key.
 *
 * @param request ModifyHostShareKeyRequest
 * @return ModifyHostShareKeyResponse
 */
async function modifyHostShareKey(request: ModifyHostShareKeyRequest): ModifyHostShareKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyHostShareKeyWithOptions(request, runtime);
}

model ModifyHostsActiveAddressTypeRequest {
  activeAddressType?: string(name='ActiveAddressType', description='The new portal type of the host. Valid values:

*   **Public**: public portal
*   **Private**: internal portal

This parameter is required.', example='Private'),
  hostIds?: string(name='HostIds', description='The ID of the host for which you want to change the portal type. The value is a JSON string. You can add up to 100 host IDs.

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the ID of the host.

This parameter is required.', example='["1","2"]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to change the portal type of the host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw***'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to change the portal type of the host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyHostsActiveAddressTypeResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.'),
    }
  ](name='Results', description='The result of the call.'),
}

model ModifyHostsActiveAddressTypeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyHostsActiveAddressTypeResponseBody(name='body'),
}

/**
 * @summary Changes the portal type of one or more hosts for O\\&M.
 *
 * @param request ModifyHostsActiveAddressTypeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyHostsActiveAddressTypeResponse
 */
async function modifyHostsActiveAddressTypeWithOptions(request: ModifyHostsActiveAddressTypeRequest, runtime: Util.RuntimeOptions): ModifyHostsActiveAddressTypeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.activeAddressType)) {
    query['ActiveAddressType'] = request.activeAddressType;
  }
  if (!Util.isUnset(request.hostIds)) {
    query['HostIds'] = request.hostIds;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyHostsActiveAddressType',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Changes the portal type of one or more hosts for O\\&M.
 *
 * @param request ModifyHostsActiveAddressTypeRequest
 * @return ModifyHostsActiveAddressTypeResponse
 */
async function modifyHostsActiveAddressType(request: ModifyHostsActiveAddressTypeRequest): ModifyHostsActiveAddressTypeResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyHostsActiveAddressTypeWithOptions(request, runtime);
}

model ModifyHostsPortRequest {
  hostIds?: string(name='HostIds', description='The ID of the host for which you want to change the port. The value is a JSON string. You can add up to 100 host IDs. If you specify multiple IDs, separate the IDs with commas (,).

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the IDs of hosts.

This parameter is required.', example='["1","2","3"]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to change the port of the host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  port?: string(name='Port', description='The new port of the host. The port number must be an integer. Valid values: 22 to 65535.

This parameter is required.', example='22'),
  protocolName?: string(name='ProtocolName', description='The protocol that is used to connect to the host. Valid values:

*   **SSH**
*   **RDP**

This parameter is required.', example='SSH'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to change the port of the host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyHostsPortResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.
*   **UNEXPECTED**: An unknown error occurred.
*   **INVALID_ARGUMENT**: A request parameter is invalid.
    > Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.

    > Check whether the specified ID of the bastion host exists, whether the specified hosts exist, and whether the specified host IDs are valid. Then, call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.', example='-'),
    }
  ](name='Results', description='The result of the call.'),
}

model ModifyHostsPortResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyHostsPortResponseBody(name='body'),
}

/**
 * @summary Changes the port for the O\\\\\\\\\\\\&M protocol on one or more hosts.
 *
 * @description ## Usage notes
 * You can call this operation to change the port for the O&M protocol on one or more hosts. If the standard port for the O&M protocol on your host is vulnerable to attacks, you can call this operation to specify a custom port. For example, the standard port for SSH is port 22.  
 * >  Ports 0 to 1024 are reserved for Bastionhost. Do not change the port for the O&M protocol to a reserved port.  
 * ## QPS limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyHostsPortRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyHostsPortResponse
 */
async function modifyHostsPortWithOptions(request: ModifyHostsPortRequest, runtime: Util.RuntimeOptions): ModifyHostsPortResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostIds)) {
    query['HostIds'] = request.hostIds;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.port)) {
    query['Port'] = request.port;
  }
  if (!Util.isUnset(request.protocolName)) {
    query['ProtocolName'] = request.protocolName;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyHostsPort',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Changes the port for the O\\\\\\\\\\\\&M protocol on one or more hosts.
 *
 * @description ## Usage notes
 * You can call this operation to change the port for the O&M protocol on one or more hosts. If the standard port for the O&M protocol on your host is vulnerable to attacks, you can call this operation to specify a custom port. For example, the standard port for SSH is port 22.  
 * >  Ports 0 to 1024 are reserved for Bastionhost. Do not change the port for the O&M protocol to a reserved port.  
 * ## QPS limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyHostsPortRequest
 * @return ModifyHostsPortResponse
 */
async function modifyHostsPort(request: ModifyHostsPortRequest): ModifyHostsPortResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyHostsPortWithOptions(request, runtime);
}

model ModifyInstanceADAuthServerRequest {
  account?: string(name='Account', description='The username of the account that is used for the AD server.

This parameter is required.', example='cn=Manager,dc=test,dc=com'),
  baseDN?: string(name='BaseDN', description='The Base distinguished name (DN).

This parameter is required.', example='dc=test,dc=com'),
  domain?: string(name='Domain', description='The domain on the AD server.

This parameter is required.', example='domain'),
  emailMapping?: string(name='EmailMapping', description='The field that is used to indicate the email address of a user on the AD server.', example='emailAttr'),
  filter?: string(name='Filter', description='The condition that is used to filter users.', example='(objectClass=top)'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  isSSL?: string(name='IsSSL', description='Specifies whether SSL is supported. Valid values:

*   **true**
*   **false**

This parameter is required.', example='true'),
  mobileMapping?: string(name='MobileMapping', description='The field that is used to indicate the mobile phone number of a user on the AD server.', example='mobileAttr'),
  nameMapping?: string(name='NameMapping', description='The field that is used to indicate the name of a user on the AD server.', example='nameAttr'),
  password?: string(name='Password', description='The password of the account that is used for the AD server.', example='******'),
  port?: string(name='Port', description='The port that is used to access the server.

This parameter is required.', example='389'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  server?: string(name='Server', description='The address of the AD server.

This parameter is required.', example='192.168.XX.XX'),
  standbyServer?: string(name='StandbyServer', description='The address of the secondary AD server.', example='192.168.XX.XX'),
}

model ModifyInstanceADAuthServerResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='C9E97677-BD74-584B-AFCE-948C2A70BB82'),
}

model ModifyInstanceADAuthServerResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyInstanceADAuthServerResponseBody(name='body'),
}

/**
 * @summary Modifies the settings of the Active Directory (AD) authentication server of a bastion host.
 *
 * @param request ModifyInstanceADAuthServerRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyInstanceADAuthServerResponse
 */
async function modifyInstanceADAuthServerWithOptions(request: ModifyInstanceADAuthServerRequest, runtime: Util.RuntimeOptions): ModifyInstanceADAuthServerResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.account)) {
    query['Account'] = request.account;
  }
  if (!Util.isUnset(request.baseDN)) {
    query['BaseDN'] = request.baseDN;
  }
  if (!Util.isUnset(request.domain)) {
    query['Domain'] = request.domain;
  }
  if (!Util.isUnset(request.emailMapping)) {
    query['EmailMapping'] = request.emailMapping;
  }
  if (!Util.isUnset(request.filter)) {
    query['Filter'] = request.filter;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.isSSL)) {
    query['IsSSL'] = request.isSSL;
  }
  if (!Util.isUnset(request.mobileMapping)) {
    query['MobileMapping'] = request.mobileMapping;
  }
  if (!Util.isUnset(request.nameMapping)) {
    query['NameMapping'] = request.nameMapping;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.port)) {
    query['Port'] = request.port;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.server)) {
    query['Server'] = request.server;
  }
  if (!Util.isUnset(request.standbyServer)) {
    query['StandbyServer'] = request.standbyServer;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyInstanceADAuthServer',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the settings of the Active Directory (AD) authentication server of a bastion host.
 *
 * @param request ModifyInstanceADAuthServerRequest
 * @return ModifyInstanceADAuthServerResponse
 */
async function modifyInstanceADAuthServer(request: ModifyInstanceADAuthServerRequest): ModifyInstanceADAuthServerResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyInstanceADAuthServerWithOptions(request, runtime);
}

model ModifyInstanceAttributeRequest {
  description?: string(name='Description', description='The description of the bastion host.

> The description must be up to 30 characters in length, and can contain letters, digits, underscores (_), and hyphens (-).', example='Bastionhost demo'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyInstanceAttributeResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='E07158EA-D1A3-4BAA-84DA-2FE230D03884'),
}

model ModifyInstanceAttributeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyInstanceAttributeResponseBody(name='body'),
}

/**
 * @summary Modifies the information about a bastion host.
 *
 * @param request ModifyInstanceAttributeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyInstanceAttributeResponse
 */
async function modifyInstanceAttributeWithOptions(request: ModifyInstanceAttributeRequest, runtime: Util.RuntimeOptions): ModifyInstanceAttributeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyInstanceAttribute',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the information about a bastion host.
 *
 * @param request ModifyInstanceAttributeRequest
 * @return ModifyInstanceAttributeResponse
 */
async function modifyInstanceAttribute(request: ModifyInstanceAttributeRequest): ModifyInstanceAttributeResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyInstanceAttributeWithOptions(request, runtime);
}

model ModifyInstanceLDAPAuthServerRequest {
  account?: string(name='Account', description='The username of the account that is used for the LDAP server.

This parameter is required.', example='cn=Manager,dc=test,dc=com'),
  baseDN?: string(name='BaseDN', description='The Base distinguished name (DN).

This parameter is required.', example='dc=test,dc=com'),
  emailMapping?: string(name='EmailMapping', description='The field that is used to indicate the email address of a user on the LDAP server.', example='emailAttr'),
  filter?: string(name='Filter', description='The condition that is used to filter users.', example='(objectClass=top)'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  isSSL?: string(name='IsSSL', description='Specifies whether to support SSL. Valid values:

*   **true**
*   **false**', example='true'),
  loginNameMapping?: string(name='LoginNameMapping', description='The field that is used to indicate the logon name of a user on the LDAP server.', example='userNameAttr'),
  mobileMapping?: string(name='MobileMapping', description='The field that is used to indicate the mobile phone number of a user on the LDAP server.', example='mobileAttr'),
  nameMapping?: string(name='NameMapping', description='The field that is used to indicate the name of a user on the LDAP server.', example='nameAttr'),
  password?: string(name='Password', description='The password of the account that is used for the LDAP server. You must configure a password when you configure LDAP authentication. If you leave this parameter empty when you modify the settings of LDAP authentication, the current password is used.', example='******'),
  port?: string(name='Port', description='The port that is used to access the LDAP server.

This parameter is required.', example='389'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  server?: string(name='Server', description='The address of the LDAP server.

This parameter is required.', example='192.168.XX.XX'),
  standbyServer?: string(name='StandbyServer', description='The address of the secondary LDAP server.', example='192.168.XX.XX'),
}

model ModifyInstanceLDAPAuthServerResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='8F1085E3-F048-5F34-B650-F145216E4AA4'),
}

model ModifyInstanceLDAPAuthServerResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyInstanceLDAPAuthServerResponseBody(name='body'),
}

/**
 * @summary Modifies the settings of the Lightweight Directory Access Protocol (LDAP) authentication server of a bastion host.
 *
 * @param request ModifyInstanceLDAPAuthServerRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyInstanceLDAPAuthServerResponse
 */
async function modifyInstanceLDAPAuthServerWithOptions(request: ModifyInstanceLDAPAuthServerRequest, runtime: Util.RuntimeOptions): ModifyInstanceLDAPAuthServerResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.account)) {
    query['Account'] = request.account;
  }
  if (!Util.isUnset(request.baseDN)) {
    query['BaseDN'] = request.baseDN;
  }
  if (!Util.isUnset(request.emailMapping)) {
    query['EmailMapping'] = request.emailMapping;
  }
  if (!Util.isUnset(request.filter)) {
    query['Filter'] = request.filter;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.isSSL)) {
    query['IsSSL'] = request.isSSL;
  }
  if (!Util.isUnset(request.loginNameMapping)) {
    query['LoginNameMapping'] = request.loginNameMapping;
  }
  if (!Util.isUnset(request.mobileMapping)) {
    query['MobileMapping'] = request.mobileMapping;
  }
  if (!Util.isUnset(request.nameMapping)) {
    query['NameMapping'] = request.nameMapping;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.port)) {
    query['Port'] = request.port;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.server)) {
    query['Server'] = request.server;
  }
  if (!Util.isUnset(request.standbyServer)) {
    query['StandbyServer'] = request.standbyServer;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyInstanceLDAPAuthServer',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the settings of the Lightweight Directory Access Protocol (LDAP) authentication server of a bastion host.
 *
 * @param request ModifyInstanceLDAPAuthServerRequest
 * @return ModifyInstanceLDAPAuthServerResponse
 */
async function modifyInstanceLDAPAuthServer(request: ModifyInstanceLDAPAuthServerRequest): ModifyInstanceLDAPAuthServerResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyInstanceLDAPAuthServerWithOptions(request, runtime);
}

model ModifyInstanceTwoFactorRequest {
  enableTwoFactor?: string(name='EnableTwoFactor', description='Specifies whether to enable two-factor authentication. Valid values:

*   **true**: yes
*   **false**: no', example='true'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  skipTwoFactorTime?: string(name='SkipTwoFactorTime', description='The duration within which two-factor authentication is not required after a user passes two-factor authentication. Valid values: 0 to 168. Unit: hours. If you set this parameter to 0, the user must pass two-factor authentication every time the user logs on to the bastion host.', example='1'),
  twoFactorMethods?: string(name='TwoFactorMethods', description='The method used to send a verification code for two-factor authentication. If EnableTwoFactor is set to true, you must specify at least one method. Valid values:

*   **sms:** text message.
*   **email**: email.
*   **dingtalk**: notice in DingTalk.
*   **totp**: one-time password (OTP) token.
*   **gmusbkey**: SM-based USB key.', example='["sms"]'),
}

model ModifyInstanceTwoFactorResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='9CE1A352-15E9-5EB4-B589-87A8DEECB20D'),
}

model ModifyInstanceTwoFactorResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyInstanceTwoFactorResponseBody(name='body'),
}

/**
 * @summary Modifies the two-factor authentication settings of a bastion host.
 *
 * @param request ModifyInstanceTwoFactorRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyInstanceTwoFactorResponse
 */
async function modifyInstanceTwoFactorWithOptions(request: ModifyInstanceTwoFactorRequest, runtime: Util.RuntimeOptions): ModifyInstanceTwoFactorResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.enableTwoFactor)) {
    query['EnableTwoFactor'] = request.enableTwoFactor;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.skipTwoFactorTime)) {
    query['SkipTwoFactorTime'] = request.skipTwoFactorTime;
  }
  if (!Util.isUnset(request.twoFactorMethods)) {
    query['TwoFactorMethods'] = request.twoFactorMethods;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyInstanceTwoFactor',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the two-factor authentication settings of a bastion host.
 *
 * @param request ModifyInstanceTwoFactorRequest
 * @return ModifyInstanceTwoFactorResponse
 */
async function modifyInstanceTwoFactor(request: ModifyInstanceTwoFactorRequest): ModifyInstanceTwoFactorResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyInstanceTwoFactorWithOptions(request, runtime);
}

model ModifyNetworkDomainRequest {
  comment?: string(name='Comment', description='The new remarks of the network domain.', example='xxx'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the network domain to modify belongs.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-x0r3hyr3f09'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to modify.

This parameter is required.', example='3'),
  networkDomainName?: string(name='NetworkDomainName', description='The new name of the network domain.', example='test'),
  networkDomainType?: string(name='NetworkDomainType', description='The new connection mode of the network domain. Valid values:

*   **Direct**
*   **Proxy**', example='Proxy'),
  proxies?: [ 
    {
      address?: string(name='Address', description='The new IP address of the proxy server.', example='114.21**.**'),
      nodeType?: string(name='NodeType', description='The node type of the proxy server to modify. Valid values:

*   **Master**: primary proxy server.
*   **Slave**: secondary proxy server.', example='Slave'),
      password?: string(name='Password', description='The new password of the proxy server account.', example='***'),
      port?: int32(name='Port', description='The new port of the proxy server.', example='22'),
      proxyType?: string(name='ProxyType', description='The new proxy mode. Valid values:

*   **SSHProxy**
*   **HTTPProxy**
*   **Socks5Proxy**', example='HTTPProxy'),
      user?: string(name='User', description='The new username of the proxy server account.', example='test'),
    }
  ](name='Proxies', description='The information about the proxy servers in the network domain.'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the network domain to modify belongs.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyNetworkDomainResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='ED49CD1E-3510-5E5C-9133-E2067B656501'),
}

model ModifyNetworkDomainResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyNetworkDomainResponseBody(name='body'),
}

/**
 * @summary Modifies the basic information about a network domain.
 *
 * @param request ModifyNetworkDomainRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyNetworkDomainResponse
 */
async function modifyNetworkDomainWithOptions(request: ModifyNetworkDomainRequest, runtime: Util.RuntimeOptions): ModifyNetworkDomainResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.networkDomainName)) {
    query['NetworkDomainName'] = request.networkDomainName;
  }
  if (!Util.isUnset(request.networkDomainType)) {
    query['NetworkDomainType'] = request.networkDomainType;
  }
  if (!Util.isUnset(request.proxies)) {
    query['Proxies'] = request.proxies;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyNetworkDomain',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the basic information about a network domain.
 *
 * @param request ModifyNetworkDomainRequest
 * @return ModifyNetworkDomainResponse
 */
async function modifyNetworkDomain(request: ModifyNetworkDomainRequest): ModifyNetworkDomainResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyNetworkDomainWithOptions(request, runtime);
}

model ModifyPolicyRequest {
  comment?: string(name='Comment', description='The new remarks of the control policy.'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the control policy to modify belongs.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-09k1u8mv501'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

This parameter is required.', example='7'),
  policyName?: string(name='PolicyName', description='The new name of the control policy.', example='test'),
  priority?: string(name='Priority', description='The priority of the modified control policy. Valid values: 1 to 100. The smaller the value, the higher the priority. Default value: 1.', example='3'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the control policy to modify belongs.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='A34F9731-A4EA-5D1D-8445-BAEF782BFFE6'),
}

model ModifyPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyPolicyResponseBody(name='body'),
}

/**
 * @summary Modifies the basic information about a control policy.
 *
 * @param request ModifyPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyPolicyResponse
 */
async function modifyPolicyWithOptions(request: ModifyPolicyRequest, runtime: Util.RuntimeOptions): ModifyPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.priority)) {
    query['Priority'] = request.priority;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyPolicy',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the basic information about a control policy.
 *
 * @param request ModifyPolicyRequest
 * @return ModifyPolicyResponse
 */
async function modifyPolicy(request: ModifyPolicyRequest): ModifyPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyPolicyWithOptions(request, runtime);
}

model ModifyRuleRequest {
  comment?: string(name='Comment', description='The new remarks of the authorization rule. It can be up to 500 characters in length.'),
  databases?: [ 
    {
      databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='The database account IDs.'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='[
    {
        "DatabaseId": "1"
    }
]'),
    }
  ](name='Databases', description='The databases and database accounts that a user associated with the modified rule can manage.'),
  effectiveEndTime?: long(name='EffectiveEndTime', description='The end time of the new validity period of the authorization rule. The value is a UNIX timestamp. Unit: seconds.', example='1672502400'),
  effectiveStartTime?: long(name='EffectiveStartTime', description='The start time of the new validity period of the authorization rule. The value is a UNIX timestamp. Unit: seconds.', example='1669630029'),
  hostGroups?: [ 
    {
      hostAccountNames?: [ string ](name='HostAccountNames', description='The names of the asset accounts.'),
      hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='[{"HostGroupId":"1"}]'),
    }
  ](name='HostGroups', description='The asset groups and asset accounts that a user associated with the modified rule can manage.'),
  hosts?: [ 
    {
      hostAccountIds?: [ string ](name='HostAccountIds', description='The host account IDs.'),
      hostId?: string(name='HostId', description='The host ID.', example='[{"HostId":"1"}]'),
    }
  ](name='Hosts', description='An array that consists of the host IDs and host account IDs with which the modified authorization rule is associated.'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose authorization rule you want to modify.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-zmb2y9ydw08'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the authorization rule to modify belongs.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  ruleId?: string(name='RuleId', description='The ID of the authorization rule to modify.

This parameter is required.', example='68'),
  ruleName?: string(name='RuleName', description='The new name of the authorization rule. The name must be 1 to 128 characters in length and can contain periods (.), underscores (_), hyphens (-), single quotation marks (\\\\"), and spaces. It cannot start with a special character.', example='test'),
  userGroupIds?: [ string ](name='UserGroupIds', description='The IDs of the user groups with which the modified authorization rule is associated.'),
  userIds?: [ string ](name='UserIds', description='The IDs of the users with whom the modified authorization rule is associated.'),
}

model ModifyRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='67EB57AD-5C83-537B-B2A1-6082798965F0'),
}

model ModifyRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyRuleResponseBody(name='body'),
}

/**
 * @summary Modifies the basic information of an authorization rule.
 *
 * @param request ModifyRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyRuleResponse
 */
async function modifyRuleWithOptions(request: ModifyRuleRequest, runtime: Util.RuntimeOptions): ModifyRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.databases)) {
    query['Databases'] = request.databases;
  }
  if (!Util.isUnset(request.effectiveEndTime)) {
    query['EffectiveEndTime'] = request.effectiveEndTime;
  }
  if (!Util.isUnset(request.effectiveStartTime)) {
    query['EffectiveStartTime'] = request.effectiveStartTime;
  }
  if (!Util.isUnset(request.hostGroups)) {
    query['HostGroups'] = request.hostGroups;
  }
  if (!Util.isUnset(request.hosts)) {
    query['Hosts'] = request.hosts;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  if (!Util.isUnset(request.ruleName)) {
    query['RuleName'] = request.ruleName;
  }
  if (!Util.isUnset(request.userGroupIds)) {
    query['UserGroupIds'] = request.userGroupIds;
  }
  if (!Util.isUnset(request.userIds)) {
    query['UserIds'] = request.userIds;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyRule',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the basic information of an authorization rule.
 *
 * @param request ModifyRuleRequest
 * @return ModifyRuleResponse
 */
async function modifyRule(request: ModifyRuleRequest): ModifyRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyRuleWithOptions(request, runtime);
}

model ModifyUserRequest {
  comment?: string(name='Comment', description='The new remarks of the user. The remarks can be up to 500 characters in length.

>  Leave this parameter empty if you do not want to change the remarks of the user.', example='comment'),
  displayName?: string(name='DisplayName', description='The new display name of the user. The display name can be up to 128 characters in length.

>  Leave this parameter empty if you do not want to change the display name of the user.', example='Bob'),
  effectiveEndTime?: long(name='EffectiveEndTime', description='The end time of the validity period of the user. Specify a UNIX timestamp. Unit: seconds.

>  Leave this parameter empty if you do not want to change the end time of the validity period.', example='1672502400'),
  effectiveStartTime?: long(name='EffectiveStartTime', description='The start time of the validity period of the user. Specify a UNIX timestamp. Unit: seconds.

>  Leave this parameter empty if you do not want to change the start time of the validity period.', example='1669630029'),
  email?: string(name='Email', description='The new email address of the user.

> 

*   This parameter is required if TwoFactorStatus is set to Enable and TwoFactorMethods is set to email, or if TwoFactorStatus is set to Global and TwoFactorMethods is set to email in the global two-factor authentication settings.

*   You can call the [GetInstanceTwoFactor](https://help.aliyun.com/document_detail/462968.html) operation to query the global two-factor authentication settings.

*   Leave this parameter empty if you do not want to change the email address of the user.', example='username@example.com'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to modify the information about the user.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  language?: string(name='Language', description='This parameter is required if LanguageStatus is set to Custom.

- **zh-cn**: simplified Chinese
- **en**: English', example='en'),
  languageStatus?: string(name='LanguageStatus', description='Specifies whether to send notifications in the language specified in the global settings or a custom language.

*   **Global**
*   **Custom**

>  Leave this parameter empty if you do not want to change the natural language used to notify the user.', example='Custom'),
  mobile?: string(name='Mobile', description='The new mobile phone number of the user.

> 

*   This parameter is required if TwoFactorStatus is set to Enable and TwoFactorMethods is set to sms or dingtalk, or if TwoFactorStatus is set to Global and TwoFactorMethods is set to sms or dingtalk in the global two-factor authentication settings.

*   You can call the [GetInstanceTwoFactor](https://help.aliyun.com/document_detail/462968.html) operation to query the global two-factor authentication settings.

*   Leave this parameter empty if you do not want to change the mobile phone number of the user.', example='1358888****'),
  mobileCountryCode?: string(name='MobileCountryCode', description='The country where the new mobile number of the user is registered. Valid values:

*   **CN:** the Chinese mainland, whose country calling code is +86
*   **HK:** Hong Kong (China), whose country calling code is +852
*   **MO:** Macao (China), whose country calling code is +853
*   **TW:** Taiwan (China), whose country calling code is +886
*   **RU:** Russia, whose country calling code is +7
*   **SG:** Singapore, whose country calling code is +65
*   **MY:** Malaysia, whose country calling code is +60
*   **ID:** Indonesia, whose country calling code is +62
*   **DE:** Germany, whose country calling code is +49
*   **AU:** Australia, whose country calling code is +61
*   **US:** US, whose country calling code is +1
*   **AE:** United Arab Emirates, whose country calling code is +971
*   **JP:** Japan, whose country calling code is +81
*   **GB:** UK, whose country calling code is +44
*   **IN:** India, whose country calling code is +91
*   **KR:** Republic of Korea, whose country calling code is +82
*   **PH:** Philippines, whose country calling code is +63
*   **CH:** Switzerland, whose country calling code is +41
*   **SE:** Sweden, whose country calling code is +46
*   **SA:** Saudi Arabia, whose country calling code is +966', example='CN'),
  needResetPassword?: boolean(name='NeedResetPassword', description='Specifies whether password reset is required upon the next logon. Valid values:

*   **true**
*   **false**

>  Leave this parameter empty if you do not want to change the password reset settings for the user.', example='true'),
  password?: string(name='Password', description='The new password of the user. The password must be 8 to 128 characters in length. It must contain uppercase letters, lowercase letters, digits, and special characters.

> Leave this parameter empty if you do not want to change the password of the user.', example='321****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host on which you want to modify the information about the user.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  twoFactorMethods?: string(name='TwoFactorMethods', description='The two-factor authentication method. You can select only one method. Valid values:

*   **sms**: text message-based two-factor authentication.
*   **email**: email-based two-factor authentication.
*   **dingtalk**: DingTalk-based two-factor authentication.
*   **totp OTP:** one-time password (OTP) token-based two-factor authentication.

>  If TwoFactorStatus is set to Enable, you must specify one of the valid values as TwoFactorMethods.', example='sms'),
  twoFactorStatus?: string(name='TwoFactorStatus', description='Specifies whether two-factor authentication is enabled for the user. Valid values:

*   **Global**: The global settings apply.
*   **Disable**: Two-factor authentication is disabled.
*   **Enable**: Two-factor authentication is enabled and user-specific settings apply.

>  Leave this parameter empty if you do not want to change the two-factory authentication settings for the user.', example='Enable'),
  userId?: string(name='UserId', description='The ID of the user whose information you want to modify.

>  You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the user ID.

This parameter is required.', example='1'),
}

model ModifyUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ModifyUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyUserResponseBody(name='body'),
}

/**
 * @summary Modifies the information about a user of a bastion host.
 *
 * @param request ModifyUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyUserResponse
 */
async function modifyUserWithOptions(request: ModifyUserRequest, runtime: Util.RuntimeOptions): ModifyUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.effectiveEndTime)) {
    query['EffectiveEndTime'] = request.effectiveEndTime;
  }
  if (!Util.isUnset(request.effectiveStartTime)) {
    query['EffectiveStartTime'] = request.effectiveStartTime;
  }
  if (!Util.isUnset(request.email)) {
    query['Email'] = request.email;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.languageStatus)) {
    query['LanguageStatus'] = request.languageStatus;
  }
  if (!Util.isUnset(request.mobile)) {
    query['Mobile'] = request.mobile;
  }
  if (!Util.isUnset(request.mobileCountryCode)) {
    query['MobileCountryCode'] = request.mobileCountryCode;
  }
  if (!Util.isUnset(request.needResetPassword)) {
    query['NeedResetPassword'] = request.needResetPassword;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.twoFactorMethods)) {
    query['TwoFactorMethods'] = request.twoFactorMethods;
  }
  if (!Util.isUnset(request.twoFactorStatus)) {
    query['TwoFactorStatus'] = request.twoFactorStatus;
  }
  if (!Util.isUnset(request.userId)) {
    query['UserId'] = request.userId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyUser',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the information about a user of a bastion host.
 *
 * @param request ModifyUserRequest
 * @return ModifyUserResponse
 */
async function modifyUser(request: ModifyUserRequest): ModifyUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyUserWithOptions(request, runtime);
}

model ModifyUserGroupRequest {
  comment?: string(name='Comment', description='The new description of the user group. The description can be up to 500 characters in length.', example='comment'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host in which you want to modify the information about the user group.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host in which you want to modify the information about the user group.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group that you want to modify.

> You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='1'),
  userGroupName?: string(name='UserGroupName', description='The new name of the user group. This name can be up to 128 characters in length.', example='TestUserGroup'),
}

model ModifyUserGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model ModifyUserGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyUserGroupResponseBody(name='body'),
}

/**
 * @summary Modifies the information about the specified user group.
 *
 * @param request ModifyUserGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyUserGroupResponse
 */
async function modifyUserGroupWithOptions(request: ModifyUserGroupRequest, runtime: Util.RuntimeOptions): ModifyUserGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  if (!Util.isUnset(request.userGroupName)) {
    query['UserGroupName'] = request.userGroupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyUserGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the information about the specified user group.
 *
 * @param request ModifyUserGroupRequest
 * @return ModifyUserGroupResponse
 */
async function modifyUserGroup(request: ModifyUserGroupRequest): ModifyUserGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyUserGroupWithOptions(request, runtime);
}

model ModifyUserPublicKeyRequest {
  comment?: string(name='Comment', description='The new description of the user group. The description can be up to 500 characters in length.', example='comment'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host on which you want to modify the public key of a user.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-nif236pmc1u'),
  publicKey?: string(name='PublicKey', description='The new public key.

>  Specify a Base64-encoded string.', example='c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUhVcjY4UENFYWFzZjFYRVpNYTVsMlNBQytHV3FpeXVsRVpndkV4dmlPM28gcm9vdEA5NjBkMmNhOTcwYjU='),
  publicKeyId?: string(name='PublicKeyId', description='The ID of the public key that you want to modify.

>  You can call the [ListUserPublicKeys](https://help.aliyun.com/document_detail/477555.html) operation to query the public key ID.

This parameter is required.', example='2'),
  publicKeyName?: string(name='PublicKeyName', description='The name of the public key that you want to modify. This name can be up to 128 characters in length.', example='name'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host that is used to modify the public key of the user.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ModifyUserPublicKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='AAB631FB-ABD0-5783-99F3-F29573B129E4'),
}

model ModifyUserPublicKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyUserPublicKeyResponseBody(name='body'),
}

/**
 * @summary Modifies the public key of the user.
 *
 * @param request ModifyUserPublicKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyUserPublicKeyResponse
 */
async function modifyUserPublicKeyWithOptions(request: ModifyUserPublicKeyRequest, runtime: Util.RuntimeOptions): ModifyUserPublicKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.publicKey)) {
    query['PublicKey'] = request.publicKey;
  }
  if (!Util.isUnset(request.publicKeyId)) {
    query['PublicKeyId'] = request.publicKeyId;
  }
  if (!Util.isUnset(request.publicKeyName)) {
    query['PublicKeyName'] = request.publicKeyName;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyUserPublicKey',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modifies the public key of the user.
 *
 * @param request ModifyUserPublicKeyRequest
 * @return ModifyUserPublicKeyResponse
 */
async function modifyUserPublicKey(request: ModifyUserPublicKeyRequest): ModifyUserPublicKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyUserPublicKeyWithOptions(request, runtime);
}

model MoveDatabasesToNetworkDomainRequest {
  databaseIds?: [ string ](name='DatabaseIds', description='The IDs of the databases that you want to add to the network domain.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-zpr3h2zo60l'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to which you want to add databases.

> You can call the [ListNetworkDomains](https://help.aliyun.com/document_detail/2758827.html) operation to query the network domain ID.

This parameter is required.', example='3'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.
> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model MoveDatabasesToNetworkDomainResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='E5B1BC32-72B2-5BFD-BF75-5D38261264D1'),
  results?: [ 
    {
      code?: string(name='Code', description='Indicates whether the database is added to the network domain.

> The code LICENSE_OUT_OF_LIMIT indicates that the network domain feature is not supported by the current Bastionhost edition.', example='OK'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='45'),
      message?: string(name='Message', description='The error message that is returned.', example='N/A'),
    }
  ](name='Results', description='The results of the call.'),
}

model MoveDatabasesToNetworkDomainResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: MoveDatabasesToNetworkDomainResponseBody(name='body'),
}

/**
 * @summary Adds multiple databases to a network domain at a time.
 *
 * @param request MoveDatabasesToNetworkDomainRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return MoveDatabasesToNetworkDomainResponse
 */
async function moveDatabasesToNetworkDomainWithOptions(request: MoveDatabasesToNetworkDomainRequest, runtime: Util.RuntimeOptions): MoveDatabasesToNetworkDomainResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseIds)) {
    query['DatabaseIds'] = request.databaseIds;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'MoveDatabasesToNetworkDomain',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Adds multiple databases to a network domain at a time.
 *
 * @param request MoveDatabasesToNetworkDomainRequest
 * @return MoveDatabasesToNetworkDomainResponse
 */
async function moveDatabasesToNetworkDomain(request: MoveDatabasesToNetworkDomainRequest): MoveDatabasesToNetworkDomainResponse {
  var runtime = new Util.RuntimeOptions{};
  return moveDatabasesToNetworkDomainWithOptions(request, runtime);
}

model MoveHostsToNetworkDomainRequest {
  hostIds?: [ string ](name='HostIds', description='The IDs of the hosts that you want to add to the network domain.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-uax2zmx8005'),
  networkDomainId?: string(name='NetworkDomainId', description='The ID of the network domain to which you want to add hosts.

>  You can call the [ListNetworkDomains](https://help.aliyun.com/document_detail/2758827.html) operation to query the network domain ID.

This parameter is required.', example='2'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model MoveHostsToNetworkDomainResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='F9B9E190-9C8E-5FEE-B963-7E9F1FD7FB4E'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the host is added to the network domain.

> The code LICENSE_OUT_OF_LIMIT indicates that the network domain feature is not supported by the current Bastionhost edition.', example='OK'),
      hostId?: string(name='HostId', description='The host ID.', example='1'),
      message?: string(name='Message', description='The error message that is returned.'),
    }
  ](name='Results', description='The result of the call.'),
}

model MoveHostsToNetworkDomainResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: MoveHostsToNetworkDomainResponseBody(name='body'),
}

/**
 * @summary Adds multiple hosts to a network domain at a time.
 *
 * @param request MoveHostsToNetworkDomainRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return MoveHostsToNetworkDomainResponse
 */
async function moveHostsToNetworkDomainWithOptions(request: MoveHostsToNetworkDomainRequest, runtime: Util.RuntimeOptions): MoveHostsToNetworkDomainResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostIds)) {
    query['HostIds'] = request.hostIds;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.networkDomainId)) {
    query['NetworkDomainId'] = request.networkDomainId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'MoveHostsToNetworkDomain',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Adds multiple hosts to a network domain at a time.
 *
 * @param request MoveHostsToNetworkDomainRequest
 * @return MoveHostsToNetworkDomainResponse
 */
async function moveHostsToNetworkDomain(request: MoveHostsToNetworkDomainRequest): MoveHostsToNetworkDomainResponse {
  var runtime = new Util.RuntimeOptions{};
  return moveHostsToNetworkDomainWithOptions(request, runtime);
}

model MoveResourceGroupRequest {
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

This parameter is required.', example='cn-hangzhou'),
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group to which the bastion host is moved.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the resource group ID of the bastion host.

This parameter is required.', example='rg-aekznp3oyo****'),
  resourceId?: string(name='ResourceId', description='The ID of the bastion host for which you want to change the resource group.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  resourceType?: string(name='ResourceType', description='The type of the resource. Set the value to **INSTANCE**, which indicates that the resource is a bastion host.

This parameter is required.', example='INSTANCE'),
}

model MoveResourceGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='1DEEC28D-27B1-4358-B6DC-E1285AE655C5'),
}

model MoveResourceGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: MoveResourceGroupResponseBody(name='body'),
}

/**
 * @summary Moves a bastion host from one resource group to another resource group.
 *
 * @param request MoveResourceGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return MoveResourceGroupResponse
 */
async function moveResourceGroupWithOptions(request: MoveResourceGroupRequest, runtime: Util.RuntimeOptions): MoveResourceGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'MoveResourceGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Moves a bastion host from one resource group to another resource group.
 *
 * @param request MoveResourceGroupRequest
 * @return MoveResourceGroupResponse
 */
async function moveResourceGroup(request: MoveResourceGroupRequest): MoveResourceGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return moveResourceGroupWithOptions(request, runtime);
}

model RejectApproveCommandRequest {
  commandId?: string(name='CommandId', description='The ID of the command that you want to reject.

>  You can call the [ListApproveCommands](https://help.aliyun.com/document_detail/2584310.html) operation to query the IDs of all commands that need to be reviewed.

This parameter is required.', example='574'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model RejectApproveCommandResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model RejectApproveCommandResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RejectApproveCommandResponseBody(name='body'),
}

/**
 * @summary If an O\\&M engineer attempts to run a command specified in the Command Approval section of the Create Control Policy page, the administrator is notified to review the command in the Bastionhost console. The command can be run only after it is approved by the administrator.
 *
 * @description You can call this operation as a Bastionhost administrator to reject the request to run a command of an O\\&M engineer.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request RejectApproveCommandRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RejectApproveCommandResponse
 */
async function rejectApproveCommandWithOptions(request: RejectApproveCommandRequest, runtime: Util.RuntimeOptions): RejectApproveCommandResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.commandId)) {
    query['CommandId'] = request.commandId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RejectApproveCommand',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary If an O\\&M engineer attempts to run a command specified in the Command Approval section of the Create Control Policy page, the administrator is notified to review the command in the Bastionhost console. The command can be run only after it is approved by the administrator.
 *
 * @description You can call this operation as a Bastionhost administrator to reject the request to run a command of an O\\&M engineer.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request RejectApproveCommandRequest
 * @return RejectApproveCommandResponse
 */
async function rejectApproveCommand(request: RejectApproveCommandRequest): RejectApproveCommandResponse {
  var runtime = new Util.RuntimeOptions{};
  return rejectApproveCommandWithOptions(request, runtime);
}

model RejectOperationTicketRequest {
  comment?: string(name='Comment', description='The review remarks.', example='comment'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  operationTicketId?: string(name='OperationTicketId', description='The ID of the O\\\\&M application that you want to reject.

>  You can call the [ListOperationTickets](https://help.aliyun.com/document_detail/2584313.html) operation to query the IDs of all O\\\\&M applications that require review.

This parameter is required.', example='2'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model RejectOperationTicketResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model RejectOperationTicketResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RejectOperationTicketResponseBody(name='body'),
}

/**
 * @summary If a Bastionhost administrator enables O\\\\\\&M Approval on the Create Control Policy page, O\\\\\\&M engineers can log on to assets to perform O\\\\\\&M operations only after the administrator approves their O\\\\\\&M applications.
 *
 * @description You can call this operation to reject an O\\&M application of an O\\&M engineer as a Bastionhost administrator.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request RejectOperationTicketRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RejectOperationTicketResponse
 */
async function rejectOperationTicketWithOptions(request: RejectOperationTicketRequest, runtime: Util.RuntimeOptions): RejectOperationTicketResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.operationTicketId)) {
    query['OperationTicketId'] = request.operationTicketId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RejectOperationTicket',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary If a Bastionhost administrator enables O\\\\\\&M Approval on the Create Control Policy page, O\\\\\\&M engineers can log on to assets to perform O\\\\\\&M operations only after the administrator approves their O\\\\\\&M applications.
 *
 * @description You can call this operation to reject an O\\&M application of an O\\&M engineer as a Bastionhost administrator.
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request RejectOperationTicketRequest
 * @return RejectOperationTicketResponse
 */
async function rejectOperationTicket(request: RejectOperationTicketRequest): RejectOperationTicketResponse {
  var runtime = new Util.RuntimeOptions{};
  return rejectOperationTicketWithOptions(request, runtime);
}

model RemoveDatabasesFromGroupRequest {
  databaseIds?: [ string ](name='DatabaseIds', description='The IDs of the databases that you want to remove.

This parameter is required.'),
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group from which you want to remove databases.

> You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the asset group ID.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose asset group you want to manage.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-78v1ghxxxxx'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose asset group you want to manage.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model RemoveDatabasesFromGroupResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The error code that is returned. If OK is returned, the operation was successful. If another error code is returned, the operation failed.', example='OK'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='20'),
      hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='1'),
      message?: string(name='Message', description='The error message that is returned.'),
    }
  ](name='Results', description='The result of the call.'),
}

model RemoveDatabasesFromGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RemoveDatabasesFromGroupResponseBody(name='body'),
}

/**
 * @summary Removes multiple databases from an asset group at a time.
 *
 * @param request RemoveDatabasesFromGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RemoveDatabasesFromGroupResponse
 */
async function removeDatabasesFromGroupWithOptions(request: RemoveDatabasesFromGroupRequest, runtime: Util.RuntimeOptions): RemoveDatabasesFromGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databaseIds)) {
    query['DatabaseIds'] = request.databaseIds;
  }
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RemoveDatabasesFromGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Removes multiple databases from an asset group at a time.
 *
 * @param request RemoveDatabasesFromGroupRequest
 * @return RemoveDatabasesFromGroupResponse
 */
async function removeDatabasesFromGroup(request: RemoveDatabasesFromGroupRequest): RemoveDatabasesFromGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return removeDatabasesFromGroupWithOptions(request, runtime);
}

model RemoveHostsFromGroupRequest {
  hostGroupId?: string(name='HostGroupId', description='The ID of the asset group from which you want to remove hosts.

>  You can call the [ListHostGroups](https://help.aliyun.com/document_detail/201307.html) operation to query the asset group ID.

This parameter is required.', example='1'),
  hostIds?: string(name='HostIds', description='The IDs of the hosts that you want to remove from the host group. Specify a JSON string. You can specify up to 100 host IDs.

>  You can call the [ListHosts](https://help.aliyun.com/document_detail/200665.html) operation to query the host IDs.

This parameter is required.', example='["1","2","3"]'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host whose asset group you want to manage.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host whose asset group you want to manage.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model RemoveHostsFromGroupResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.

*   **UNEXPECTED**: An unknown error occurred.

*   **INVALID_ARGUMENT**: A request parameter is invalid.
    > Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.
    > Make sure that the specified bastion host ID and host IDs are valid and call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      hostGroupId?: string(name='HostGroupId', description='The ID of the asset group.', example='1'),
      hostId?: string(name='HostId', description='The ID of the host.', example='1'),
      message?: string(name='Message', description='This parameter is deprecated.', example='无'),
    }
  ](name='Results', description='The result of the call.'),
}

model RemoveHostsFromGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RemoveHostsFromGroupResponseBody(name='body'),
}

/**
 * @summary Removes multiple hosts from an asset group at a time.
 *
 * @description You can call the RemoveHostsFromGroup operation to remove multiple hosts from an asset group at a time. If you no longer need to manage some hosts in an asset group, you can call this operation to remove the hosts from the asset group.
 * # [](#qps-)QPS limit
 * You can call this API operation up to 10 times per second per account. Requests that exceed this limit are dropped and you will experience service interruptions. We recommend that you take note of this limit when you call this operation.
 *
 * @param request RemoveHostsFromGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RemoveHostsFromGroupResponse
 */
async function removeHostsFromGroupWithOptions(request: RemoveHostsFromGroupRequest, runtime: Util.RuntimeOptions): RemoveHostsFromGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hostGroupId)) {
    query['HostGroupId'] = request.hostGroupId;
  }
  if (!Util.isUnset(request.hostIds)) {
    query['HostIds'] = request.hostIds;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RemoveHostsFromGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Removes multiple hosts from an asset group at a time.
 *
 * @description You can call the RemoveHostsFromGroup operation to remove multiple hosts from an asset group at a time. If you no longer need to manage some hosts in an asset group, you can call this operation to remove the hosts from the asset group.
 * # [](#qps-)QPS limit
 * You can call this API operation up to 10 times per second per account. Requests that exceed this limit are dropped and you will experience service interruptions. We recommend that you take note of this limit when you call this operation.
 *
 * @param request RemoveHostsFromGroupRequest
 * @return RemoveHostsFromGroupResponse
 */
async function removeHostsFromGroup(request: RemoveHostsFromGroupRequest): RemoveHostsFromGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return removeHostsFromGroupWithOptions(request, runtime);
}

model RemoveUsersFromGroupRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host for which you want to remove users from the user group.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host for which you want to remove users from the user group.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userGroupId?: string(name='UserGroupId', description='The ID of the user group from which you want to remove users.

>  You can call the [ListUserGroups](https://help.aliyun.com/document_detail/204509.html) operation to query the ID of the user group.

This parameter is required.', example='１'),
  userIds?: string(name='UserIds', description='The ID of the user who you want to remove. The value is a JSON string. You can add up to 100 user IDs. If you specify multiple IDs, separate the IDs with commas (,).

>  You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the IDs of users.

This parameter is required.', example='["1","2","3"]'),
}

model RemoveUsersFromGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The return code that indicates whether the call was successful. Valid values:

*   **OK**: The call was successful.

*   **UNEXPECTED**: An unknown error occurred.

*   **INVALID_ARGUMENT**: A request parameter is invalid.

> Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.

> Check whether the specified ID of the bastion host exists, whether the specified hosts exist, and whether the specified host IDs are valid. Then, call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      message?: string(name='Message', description='This parameter is deprecated.', example='success'),
      userGroupId?: string(name='UserGroupId', description='The ID of the group.', example='1'),
      userId?: string(name='UserId', description='The ID of the user.', example='1'),
    }
  ](name='Results', description='The result of the call.'),
}

model RemoveUsersFromGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RemoveUsersFromGroupResponseBody(name='body'),
}

/**
 * @summary Removes one or more users from a user group.
 *
 * @description You can call this operation to remove one or more users from a user group. When users in a user group are transferred to a new position, resign, or are switched to another user group, you can call this operation to remove the users from the current user group at a time.  
 * ## QPS limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request RemoveUsersFromGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RemoveUsersFromGroupResponse
 */
async function removeUsersFromGroupWithOptions(request: RemoveUsersFromGroupRequest, runtime: Util.RuntimeOptions): RemoveUsersFromGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userGroupId)) {
    query['UserGroupId'] = request.userGroupId;
  }
  if (!Util.isUnset(request.userIds)) {
    query['UserIds'] = request.userIds;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RemoveUsersFromGroup',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Removes one or more users from a user group.
 *
 * @description You can call this operation to remove one or more users from a user group. When users in a user group are transferred to a new position, resign, or are switched to another user group, you can call this operation to remove the users from the current user group at a time.  
 * ## QPS limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request RemoveUsersFromGroupRequest
 * @return RemoveUsersFromGroupResponse
 */
async function removeUsersFromGroup(request: RemoveUsersFromGroupRequest): RemoveUsersFromGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return removeUsersFromGroupWithOptions(request, runtime);
}

model RenewAssetOperationTokenRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.
> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  tokenId?: string(name='TokenId', description='The ID of the O\\\\&M token that you want to renew.

>  You can call the [GenerateAssetOperationToken](https://help.aliyun.com/document_detail/2758861.html) operation to query the O\\\\&M token ID.', example='NmYyMmEzNmMwYzljNGYxMjh******'),
}

model RenewAssetOperationTokenResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model RenewAssetOperationTokenResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RenewAssetOperationTokenResponseBody(name='body'),
}

/**
 * @summary Renews an O\\&M token for one hour.
 *
 * @param request RenewAssetOperationTokenRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RenewAssetOperationTokenResponse
 */
async function renewAssetOperationTokenWithOptions(request: RenewAssetOperationTokenRequest, runtime: Util.RuntimeOptions): RenewAssetOperationTokenResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.tokenId)) {
    query['TokenId'] = request.tokenId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RenewAssetOperationToken',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Renews an O\\&M token for one hour.
 *
 * @param request RenewAssetOperationTokenRequest
 * @return RenewAssetOperationTokenResponse
 */
async function renewAssetOperationToken(request: RenewAssetOperationTokenRequest): RenewAssetOperationTokenResponse {
  var runtime = new Util.RuntimeOptions{};
  return renewAssetOperationTokenWithOptions(request, runtime);
}

model ResetHostAccountCredentialRequest {
  credentialType?: string(name='CredentialType', description='The type of the logon credential that you want to delete. Valid values:

*   **Password**
*   **PrivateKey**

This parameter is required.', example='Password'),
  hostAccountId?: string(name='HostAccountId', description='The ID of the host account for which the logon credential is to be deleted.

>  You can call the [ListHostAccounts](https://help.aliyun.com/document_detail/204372.html) operation to query the ID of the host account.

This parameter is required.', example='1'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host from which you want to delete the logon credential for the host account.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host from which you want to delete the logon credential for the host account.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model ResetHostAccountCredentialResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8783-491A-BC8C-1B4DD94976DE'),
}

model ResetHostAccountCredentialResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ResetHostAccountCredentialResponseBody(name='body'),
}

/**
 * @summary Deletes the logon credential of a specified host account. The logon credential can be the password or Secure Shell (SSH) private key.
 *
 * @param request ResetHostAccountCredentialRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ResetHostAccountCredentialResponse
 */
async function resetHostAccountCredentialWithOptions(request: ResetHostAccountCredentialRequest, runtime: Util.RuntimeOptions): ResetHostAccountCredentialResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.credentialType)) {
    query['CredentialType'] = request.credentialType;
  }
  if (!Util.isUnset(request.hostAccountId)) {
    query['HostAccountId'] = request.hostAccountId;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ResetHostAccountCredential',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes the logon credential of a specified host account. The logon credential can be the password or Secure Shell (SSH) private key.
 *
 * @param request ResetHostAccountCredentialRequest
 * @return ResetHostAccountCredentialResponse
 */
async function resetHostAccountCredential(request: ResetHostAccountCredentialRequest): ResetHostAccountCredentialResponse {
  var runtime = new Util.RuntimeOptions{};
  return resetHostAccountCredentialWithOptions(request, runtime);
}

model SetPolicyAccessTimeRangeConfigRequest {
  accessTimeRangeConfig?: {
    effectiveTime?: [ 
      {
        days?: [ int32 ](name='Days', description='The days of the week during which users can log on to the assets.'),
        hours?: [ int32 ](name='Hours', description='The time periods of the day during which users can log on to the assets.'),
      }
    ](name='EffectiveTime', description='The details about the periods during which users can log on to the assets.'),
  }(name='AccessTimeRangeConfig', description='The logon period limits.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The control policy ID.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='13'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyAccessTimeRangeConfigShrinkRequest {
  accessTimeRangeConfigShrink?: string(name='AccessTimeRangeConfig', description='The logon period limits.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The control policy ID.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='13'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyAccessTimeRangeConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model SetPolicyAccessTimeRangeConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPolicyAccessTimeRangeConfigResponseBody(name='body'),
}

/**
 * @summary Configures the logon period limits in a control policy.
 *
 * @param tmpReq SetPolicyAccessTimeRangeConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPolicyAccessTimeRangeConfigResponse
 */
async function setPolicyAccessTimeRangeConfigWithOptions(tmpReq: SetPolicyAccessTimeRangeConfigRequest, runtime: Util.RuntimeOptions): SetPolicyAccessTimeRangeConfigResponse {
  Util.validateModel(tmpReq);
  var request = new SetPolicyAccessTimeRangeConfigShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.accessTimeRangeConfig)) {
    request.accessTimeRangeConfigShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.accessTimeRangeConfig, 'AccessTimeRangeConfig', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.accessTimeRangeConfigShrink)) {
    query['AccessTimeRangeConfig'] = request.accessTimeRangeConfigShrink;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPolicyAccessTimeRangeConfig',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Configures the logon period limits in a control policy.
 *
 * @param request SetPolicyAccessTimeRangeConfigRequest
 * @return SetPolicyAccessTimeRangeConfigResponse
 */
async function setPolicyAccessTimeRangeConfig(request: SetPolicyAccessTimeRangeConfigRequest): SetPolicyAccessTimeRangeConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPolicyAccessTimeRangeConfigWithOptions(request, runtime);
}

model SetPolicyApprovalConfigRequest {
  approvalConfig?: {
    switchStatus?: string(name='SwitchStatus', description='Specifies whether to enable O&M approval in the control policy. Valid values:

* **On**: enables O&M approval.
* **Off**: disables O&M approval.

This parameter is required.', example='On'),
  }(name='ApprovalConfig', description='The O&M approval setting in the control policy.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='7'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyApprovalConfigShrinkRequest {
  approvalConfigShrink?: string(name='ApprovalConfig', description='The O&M approval setting in the control policy.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='7'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyApprovalConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model SetPolicyApprovalConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPolicyApprovalConfigResponseBody(name='body'),
}

/**
 * @summary Configures the O&M approval setting in a control policy.
 *
 * @param tmpReq SetPolicyApprovalConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPolicyApprovalConfigResponse
 */
async function setPolicyApprovalConfigWithOptions(tmpReq: SetPolicyApprovalConfigRequest, runtime: Util.RuntimeOptions): SetPolicyApprovalConfigResponse {
  Util.validateModel(tmpReq);
  var request = new SetPolicyApprovalConfigShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.approvalConfig)) {
    request.approvalConfigShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.approvalConfig, 'ApprovalConfig', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.approvalConfigShrink)) {
    query['ApprovalConfig'] = request.approvalConfigShrink;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPolicyApprovalConfig',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Configures the O&M approval setting in a control policy.
 *
 * @param request SetPolicyApprovalConfigRequest
 * @return SetPolicyApprovalConfigResponse
 */
async function setPolicyApprovalConfig(request: SetPolicyApprovalConfigRequest): SetPolicyApprovalConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPolicyApprovalConfigWithOptions(request, runtime);
}

model SetPolicyAssetScopeRequest {
  databases?: [ 
    {
      accountScopeType?: string(name='AccountScopeType', description='The scope of database accounts to which the control policy applies. Valid values:

*   **All**: The control policy applies to all database accounts of the database.
*   **AccountId**: The control policy applies to specified database accounts of the database.', example='AccountId'),
      databaseAccountIds?: [ string ](name='DatabaseAccountIds', description='The database accounts to which the control policy applies.

>  This parameter is required if AccountScopeType is set to AccountId.'),
      databaseId?: string(name='DatabaseId', description='The database ID.', example='3'),
    }
  ](name='Databases', description='The databases to which the control policy applies.

>  This parameter is required if ScopeType is set to Database. You can specify up to 500 databases.'),
  hostGroups?: [ 
    {
      accountNames?: [ string ](name='AccountNames', description='The asset accounts to which the control policy applies.

> This parameter is required if AccountScopeType is set to AccountName.'),
      accountScopeType?: string(name='AccountScopeType', description='The scope of asset accounts to which the control policy applies. Valid values:

* **All**: The control policy applies to all accounts in the asset group.
* **AccountName**: The control policy applies to specified accounts in the asset group.', example='All'),
      hostGroupId?: string(name='HostGroupId', description='The asset group ID.', example='86'),
    }
  ](name='HostGroups', description='The asset groups to which the control policy applies.

> This parameter is required if ScopeType is set to HostGroup. You can specify up to 100 asset groups.'),
  hosts?: [ 
    {
      accountScopeType?: string(name='AccountScopeType', description='The scope of host accounts to which the control policy applies. Valid values:

* **All**: The control policy applies to all accounts of the host.
* **AccountId**: The control policy applies specified accounts of the host.', example='All'),
      hostAccountIds?: [ string ](name='HostAccountIds', description='The host accounts to which the control policy applies.

> This parameter is required if AccountScopeType is set to AccountId.'),
      hostId?: string(name='HostId', description='The host ID.', example='1'),
    }
  ](name='Hosts', description='The hosts to which the control policy applies.

> This parameter is required if ScopeType is set to Host. You can specify up to 500 hosts.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='7'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  scopeType?: string(name='ScopeType', description='The scope of assets to which the control policy applies. Valid values:

* **All**: The control policy applies to all assets.
* **Host**: The control policy applies to specified hosts.
* **Database**: The control policy applies to specified databases.
* **HostGroup**: The control policy applies to specified asset groups.

This parameter is required.', example='All'),
}

model SetPolicyAssetScopeResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='5EAB922E-F476-5DFA-9290-313C608E724B'),
}

model SetPolicyAssetScopeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPolicyAssetScopeResponseBody(name='body'),
}

/**
 * @summary Specifies the assets to which a control policy applies.
 *
 * @param request SetPolicyAssetScopeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPolicyAssetScopeResponse
 */
async function setPolicyAssetScopeWithOptions(request: SetPolicyAssetScopeRequest, runtime: Util.RuntimeOptions): SetPolicyAssetScopeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.databases)) {
    query['Databases'] = request.databases;
  }
  if (!Util.isUnset(request.hostGroups)) {
    query['HostGroups'] = request.hostGroups;
  }
  if (!Util.isUnset(request.hosts)) {
    query['Hosts'] = request.hosts;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.scopeType)) {
    query['ScopeType'] = request.scopeType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPolicyAssetScope',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Specifies the assets to which a control policy applies.
 *
 * @param request SetPolicyAssetScopeRequest
 * @return SetPolicyAssetScopeResponse
 */
async function setPolicyAssetScope(request: SetPolicyAssetScopeRequest): SetPolicyAssetScopeResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPolicyAssetScopeWithOptions(request, runtime);
}

model SetPolicyCommandConfigRequest {
  commandConfig?: {
    approval?: {
      commands?: [ string ](name='Commands', description='The commands that can be run only after approval.'),
    }(name='Approval', description='The command approval settings.

> A command approval policy is used to approve the commands that are excluded from a whitelist or blacklist specified in a command control policy. The command control policy takes precedence over the command approval policy in validation.'),
    deny?: {
      aclType?: string(name='AclType', description='The type of command control. Valid values:

*   **black**: blacklist mode.
*   **white**: whitelist mode.

This parameter is required.', example='white'),
      commands?: [ string ](name='Commands', description='The commands to be controlled.

> This parameter is required if AclType is set to white.'),
    }(name='Deny', description='The command control settings.

This parameter is required.'),
  }(name='CommandConfig', description='The command control settings.

> This parameter applies only to Linux hosts.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-78v1ghxxxxx'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

> You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='45'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyCommandConfigShrinkRequest {
  commandConfigShrink?: string(name='CommandConfig', description='The command control settings.

> This parameter applies only to Linux hosts.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-78v1ghxxxxx'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

> You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='45'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

>  For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyCommandConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='4F6C075F-FC86-476E-943B-097BD4E12948'),
}

model SetPolicyCommandConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPolicyCommandConfigResponseBody(name='body'),
}

/**
 * @summary Specifies the commands that can or cannot be run by the users or on the assets associated with the policy and the commands that must be reviewed.
 *
 * @param tmpReq SetPolicyCommandConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPolicyCommandConfigResponse
 */
async function setPolicyCommandConfigWithOptions(tmpReq: SetPolicyCommandConfigRequest, runtime: Util.RuntimeOptions): SetPolicyCommandConfigResponse {
  Util.validateModel(tmpReq);
  var request = new SetPolicyCommandConfigShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.commandConfig)) {
    request.commandConfigShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.commandConfig, 'CommandConfig', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.commandConfigShrink)) {
    query['CommandConfig'] = request.commandConfigShrink;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPolicyCommandConfig',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Specifies the commands that can or cannot be run by the users or on the assets associated with the policy and the commands that must be reviewed.
 *
 * @param request SetPolicyCommandConfigRequest
 * @return SetPolicyCommandConfigResponse
 */
async function setPolicyCommandConfig(request: SetPolicyCommandConfigRequest): SetPolicyCommandConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPolicyCommandConfigWithOptions(request, runtime);
}

model SetPolicyIPAclConfigRequest {
  IPAclConfig?: {
    aclType?: string(name='AclType', description='The mode of access control on source IP addresses. Valid values:

*   **black**: blacklist mode.
*   **white**: whitelist mode.

This parameter is required.', example='white'),
    IPs?: [ string ](name='IPs', description='The source IP addresses in the blacklist or whitelist.

> 

*   This parameter is required if AclType is set to white.

*   If AclType is set to black but you do not want to add IP addresses to the blacklist, you can leave IPs empty.

This parameter is required.'),
  }(name='IPAclConfig', description='The access control settings for source IP addresses.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the DescribeInstances operation to query the bastion host ID.[](~~153281~~)

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='3'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyIPAclConfigShrinkRequest {
  IPAclConfigShrink?: string(name='IPAclConfig', description='The access control settings for source IP addresses.

This parameter is required.'),
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the DescribeInstances operation to query the bastion host ID.[](~~153281~~)

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='3'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyIPAclConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model SetPolicyIPAclConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPolicyIPAclConfigResponseBody(name='body'),
}

/**
 * @summary Configures access control settings in a control policy.
 *
 * @param tmpReq SetPolicyIPAclConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPolicyIPAclConfigResponse
 */
async function setPolicyIPAclConfigWithOptions(tmpReq: SetPolicyIPAclConfigRequest, runtime: Util.RuntimeOptions): SetPolicyIPAclConfigResponse {
  Util.validateModel(tmpReq);
  var request = new SetPolicyIPAclConfigShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.IPAclConfig)) {
    request.IPAclConfigShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.IPAclConfig, 'IPAclConfig', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.IPAclConfigShrink)) {
    query['IPAclConfig'] = request.IPAclConfigShrink;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPolicyIPAclConfig',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Configures access control settings in a control policy.
 *
 * @param request SetPolicyIPAclConfigRequest
 * @return SetPolicyIPAclConfigResponse
 */
async function setPolicyIPAclConfig(request: SetPolicyIPAclConfigRequest): SetPolicyIPAclConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPolicyIPAclConfigWithOptions(request, runtime);
}

model SetPolicyProtocolConfigRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

> You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='61'),
  protocolConfig?: {
    RDP?: {
      clipboardDownload?: string(name='ClipboardDownload', description='Specifies whether to enable downloading from the clipboard. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      clipboardUpload?: string(name='ClipboardUpload', description='Specifies whether to enable uploading from the clipboard. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      diskRedirection?: string(name='DiskRedirection', description='Specifies whether to enable driver mapping. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      recordKeyboard?: string(name='RecordKeyboard', description='Specifies whether to enable keyboard operation recording. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
    }(name='RDP', description='The settings of the Remote Desktop Protocol (RDP) options.'),
    SSH?: {
      execCommand?: string(name='ExecCommand', description='Specifies whether to enable remote command execution. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      SFTPChannel?: string(name='SFTPChannel', description='Specifies whether to enable SFTP channels. Valid values:

*   Enable
*   Disable

> 

*   If you do not specify this parameter, the default value Disable is used.

*   You must set at least one of the following parameters to Enable: SSHChannel and SFTPChannel.

*   If you select Enable Only SFTP Permission for a host account, do not set SSHChannel and SFTPChannel to Disable for the account. Otherwise, users of the bastion host cannot use the account to access the host.', example='Enable'),
      SFTPDownloadFile?: string(name='SFTPDownloadFile', description='Specifies whether to enable file downloading during SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      SFTPMkdir?: string(name='SFTPMkdir', description='Specifies whether to enable folder creation during SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      SFTPRemoveFile?: string(name='SFTPRemoveFile', description='Specifies whether to enable file deletion during SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      SFTPRenameFile?: string(name='SFTPRenameFile', description='Specifies whether to enable file renaming during SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      SFTPRmdir?: string(name='SFTPRmdir', description='Specifies whether to enable folder deletion during SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      SFTPUploadFile?: string(name='SFTPUploadFile', description='Specifies whether to enable file uploading during SFTP-based O\\\\&M. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
      SSHChannel?: string(name='SSHChannel', description='Specifies whether to enable SSH channels. Valid values:

*   Enable
*   Disable

> 

*   If you do not specify this parameter, the default value Disable is used.

*   You must set at least one of the following parameters to Enable: SSHChannel and SFTPChannel. If you set SSHChannel to Disable, SSH-based logon is disabled for the asset account. Proceed with caution.

*   If you select Enable Only SFTP Permission for a host account, do not set SSHChannel and SFTPChannel to Disable for the account. Otherwise, users of the bastion host cannot use the account to access the host.', example='Enable'),
      x11Forwarding?: string(name='X11Forwarding', description='Specifies whether to enable X11 forwarding. Valid values:

*   Enable
*   Disable

> If you do not specify this parameter, the default value Disable is used.', example='Enable'),
    }(name='SSH', description='The settings of the SSH and SSH Fine Transfer Protocol (SFTP) options.'),
  }(name='ProtocolConfig', description='The protocol control settings.

This parameter is required.'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyProtocolConfigShrinkRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

> You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='61'),
  protocolConfigShrink?: string(name='ProtocolConfig', description='The protocol control settings.

This parameter is required.'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
}

model SetPolicyProtocolConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='81500666-d7f5-4143-8329-0223cc738105'),
}

model SetPolicyProtocolConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPolicyProtocolConfigResponseBody(name='body'),
}

/**
 * @summary Modify the protocol control settings in a control policy.
 *
 * @param tmpReq SetPolicyProtocolConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPolicyProtocolConfigResponse
 */
async function setPolicyProtocolConfigWithOptions(tmpReq: SetPolicyProtocolConfigRequest, runtime: Util.RuntimeOptions): SetPolicyProtocolConfigResponse {
  Util.validateModel(tmpReq);
  var request = new SetPolicyProtocolConfigShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.protocolConfig)) {
    request.protocolConfigShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.protocolConfig, 'ProtocolConfig', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.protocolConfigShrink)) {
    query['ProtocolConfig'] = request.protocolConfigShrink;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPolicyProtocolConfig',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Modify the protocol control settings in a control policy.
 *
 * @param request SetPolicyProtocolConfigRequest
 * @return SetPolicyProtocolConfigResponse
 */
async function setPolicyProtocolConfig(request: SetPolicyProtocolConfigRequest): SetPolicyProtocolConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPolicyProtocolConfigWithOptions(request, runtime);
}

model SetPolicyUserScopeRequest {
  instanceId?: string(name='InstanceId', description='The bastion host ID.

>  You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the bastion host ID.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  policyId?: string(name='PolicyId', description='The ID of the control policy that you want to modify.

>  You can call the [ListPolicies](https://help.aliyun.com/document_detail/2758876.html) operation to query the control policy ID.

This parameter is required.', example='1'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  scopeType?: string(name='ScopeType', description='The scope of users to whom the control policy applies. Valid values:

* **All**: The control policy applies to all users.
* **User**: The control policy applies to specified users.
* **UserGroup**: The control policy applies to specified user groups.

This parameter is required.', example='All'),
  userGroupIds?: [ string ](name='UserGroupIds', description='The user groups to which the control policy applies.

> This parameter is required if ScopeType is set to UserGroup. You can specify up to 100 user group IDs.'),
  userIds?: [ string ](name='UserIds', description='The users to whom the control policy applies.

> This parameter is required if ScopeType is set to User. You can specify up to 500 user IDs.'),
}

model SetPolicyUserScopeResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
}

model SetPolicyUserScopeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPolicyUserScopeResponseBody(name='body'),
}

/**
 * @summary Specifies the users to whom a control policy applies.
 *
 * @param request SetPolicyUserScopeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPolicyUserScopeResponse
 */
async function setPolicyUserScopeWithOptions(request: SetPolicyUserScopeRequest, runtime: Util.RuntimeOptions): SetPolicyUserScopeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.scopeType)) {
    query['ScopeType'] = request.scopeType;
  }
  if (!Util.isUnset(request.userGroupIds)) {
    query['UserGroupIds'] = request.userGroupIds;
  }
  if (!Util.isUnset(request.userIds)) {
    query['UserIds'] = request.userIds;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPolicyUserScope',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Specifies the users to whom a control policy applies.
 *
 * @param request SetPolicyUserScopeRequest
 * @return SetPolicyUserScopeResponse
 */
async function setPolicyUserScope(request: SetPolicyUserScopeRequest): SetPolicyUserScopeResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPolicyUserScopeWithOptions(request, runtime);
}

model StartInstanceRequest {
  clientSecurityGroupIds?: [ string ](name='ClientSecurityGroupIds'),
  enablePortalPrivateAccess?: boolean(name='EnablePortalPrivateAccess'),
  instanceId?: string(name='InstanceId', description='The ID of the bastion host that you want to enable.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-78v1gh****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host.', example='cn-hangzhou'),
  securityGroupIds?: [ string ](name='SecurityGroupIds', description='An array consisting of the IDs of security groups to which the bastion host is added.

This parameter is required.', example='sg-bp1aiupc4yjqgmm****'),
  slaveVswitchId?: string(name='SlaveVswitchId'),
  vswitchId?: string(name='VswitchId', description='The ID of the vSwitch to which the bastion host belongs.', example='vsw-bp1xfwzzfti0kjbf****'),
}

model StartInstanceResponseBody = {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host that you enable.', example='bastionhost-cn-78v1gh****'),
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='0F85AE0A-6A87-48F3-A0C7-90B998788A36'),
}

model StartInstanceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: StartInstanceResponseBody(name='body'),
}

/**
 * @summary Enables the specified bastion host.
 *
 * @param request StartInstanceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return StartInstanceResponse
 */
async function startInstanceWithOptions(request: StartInstanceRequest, runtime: Util.RuntimeOptions): StartInstanceResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.clientSecurityGroupIds)) {
    query['ClientSecurityGroupIds'] = request.clientSecurityGroupIds;
  }
  if (!Util.isUnset(request.enablePortalPrivateAccess)) {
    query['EnablePortalPrivateAccess'] = request.enablePortalPrivateAccess;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.securityGroupIds)) {
    query['SecurityGroupIds'] = request.securityGroupIds;
  }
  if (!Util.isUnset(request.slaveVswitchId)) {
    query['SlaveVswitchId'] = request.slaveVswitchId;
  }
  if (!Util.isUnset(request.vswitchId)) {
    query['VswitchId'] = request.vswitchId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'StartInstance',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Enables the specified bastion host.
 *
 * @param request StartInstanceRequest
 * @return StartInstanceResponse
 */
async function startInstance(request: StartInstanceRequest): StartInstanceResponse {
  var runtime = new Util.RuntimeOptions{};
  return startInstanceWithOptions(request, runtime);
}

model TagResourcesRequest {
  regionId?: string(name='RegionId', description='The region ID of the bastion hosts to which you want to create and add tags.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).

This parameter is required.', example='cn-hangzhou'),
  resourceId?: [ string ](name='ResourceId', description='An array that consists of IDs of bastion hosts.

Valid values: 1 to 20.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query IDs of bastion hosts.

This parameter is required.', example='bastionhost-cn-78v1gc****'),
  resourceType?: string(name='ResourceType', description='The type of the resource.

Set the value to **INSTANCE**, which indicates that the resource is a bastion host.

This parameter is required.', example='INSTANCE'),
  tag?: [ 
    {
      key?: string(name='Key', description='The tag key of the bastion host. You can specify up to 20 tags for the bastion host.

> - Thekey cannot be an empty string. The key can be up to 128 characters in length. 
> - It cannot start with **aliyun** or **acs:**, and cannot contain **http://** or **https://**.', example='operation'),
      value?: string(name='Value', description='The tag value of the bastion host.\\\\
You can specify up to 20 tags for the bastion host.

> *   The value can be a string of up to 128 characters or an empty string.
> *   It cannot start with **aliyun** or **acs:**, and cannot contain **http://** or **https://**.', example='operation_test'),
    }
  ](name='Tag', description='The tags.'),
}

model TagResourcesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='2F24F0A8-4C69-4E89-9392-457D107E2D4A'),
}

model TagResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: TagResourcesResponseBody(name='body'),
}

/**
 * @summary Creates and adds tags to specified bastion hosts.
 *
 * @param request TagResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return TagResourcesResponse
 */
async function tagResourcesWithOptions(request: TagResourcesRequest, runtime: Util.RuntimeOptions): TagResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'TagResources',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates and adds tags to specified bastion hosts.
 *
 * @param request TagResourcesRequest
 * @return TagResourcesResponse
 */
async function tagResources(request: TagResourcesRequest): TagResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return tagResourcesWithOptions(request, runtime);
}

model UnlockUsersRequest {
  instanceId?: string(name='InstanceId', description='The ID of the bastion host to which the users to be unlocked belong.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.', example='bastionhost-cn-st220aw****'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to which the users to be unlocked belong.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).', example='cn-hangzhou'),
  userIds?: string(name='UserIds', description='The ID of the user that you want to unlock. The value is a JSON string. You can add up to 100 user IDs. If you specify multiple IDs, separate the IDs with commas (,).

> You can call the [ListUsers](https://help.aliyun.com/document_detail/204522.html) operation to query the ID of the user.

This parameter is required.', example='["1","2"]'),
}

model UnlockUsersResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='EC9BF0F4-8983-491A-BC8C-1B4DD94976DE'),
  results?: [ 
    {
      code?: string(name='Code', description='The result of the call. Valid values:

*   **OK**: The call was successful.

*   **UNEXPECTED**: An unknown error occurred.

*   **INVALID_ARGUMENT**: A request parameter is invalid.

    **

    **Note**Make sure that the request parameters are valid and call the operation again.

*   **OBJECT_NOT_FOUND**: The specified object on which you want to perform the operation does not exist.

    **

    **Note**Check whether the specified ID of the bastion host exists, whether the specified hosts exist, and whether the specified host IDs are valid. Then, call the operation again.

*   **OBJECT_AlREADY_EXISTS**: The specified object on which you want to perform the operation already exists.', example='OK'),
      message?: string(name='Message', description='This parameter is deprecated.', example='N/A'),
      userId?: string(name='UserId', description='The ID of the user.', example='１'),
    }
  ](name='Results', description='An array that consists of information about the result of the call.'),
}

model UnlockUsersResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UnlockUsersResponseBody(name='body'),
}

/**
 * @summary Unlocks one or more users of a bastion host.
 *
 * @description After you call the [LockUsers](https://help.aliyun.com/document_detail/204591.html) operation to lock one or more users of a bastion host, you can call this operation to unlock the users. After the users are unlocked, the users can perform O\\&M operations by using the bastion host.
 * # Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request UnlockUsersRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UnlockUsersResponse
 */
async function unlockUsersWithOptions(request: UnlockUsersRequest, runtime: Util.RuntimeOptions): UnlockUsersResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.userIds)) {
    query['UserIds'] = request.userIds;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UnlockUsers',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Unlocks one or more users of a bastion host.
 *
 * @description After you call the [LockUsers](https://help.aliyun.com/document_detail/204591.html) operation to lock one or more users of a bastion host, you can call this operation to unlock the users. After the users are unlocked, the users can perform O\\&M operations by using the bastion host.
 * # Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request UnlockUsersRequest
 * @return UnlockUsersResponse
 */
async function unlockUsers(request: UnlockUsersRequest): UnlockUsersResponse {
  var runtime = new Util.RuntimeOptions{};
  return unlockUsersWithOptions(request, runtime);
}

model UntagResourcesRequest {
  all?: boolean(name='All', description='Specifies whether to delete all tags that are added to the bastion host.

*   If you specify TagKey.N, the value of this parameter can only be **false**, which indicates that only a specified tag is deleted.
*   If you do not specify TagKey.N and the value of this parameter is **true**, all tags are deleted. If you do not specify TagKey.N and the value of this parameter is **false**, no tags are deleted.', example='false'),
  regionId?: string(name='RegionId', description='The region ID of the bastion host to query.

> For more information about the mapping between region IDs and region names, see [Regions and zones](https://help.aliyun.com/document_detail/40654.html).

This parameter is required.', example='cn-hangzhou'),
  resourceId?: [ string ](name='ResourceId', description='An array that consists of IDs of bastion hosts.

Valid values: 1 to 20.

> You can call the [DescribeInstances](https://help.aliyun.com/document_detail/153281.html) operation to query the ID of the bastion host.

This parameter is required.'),
  resourceType?: string(name='ResourceType', description='The type of the resource.

Set the value to **INSTANCE**, which indicates that the resource is a bastion host.

This parameter is required.', example='INSTANCE'),
  tagKey?: [ string ](name='TagKey', description='The key of tag N.

Valid values of N: 1 to 20.'),
}

model UntagResourcesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request, which is used to locate and troubleshoot issues.', example='A8A665B9-8550-4942-9DEE-73198051856B'),
}

model UntagResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UntagResourcesResponseBody(name='body'),
}

/**
 * @summary Removes tags from the specified bastion host and deletes the tags at a time.
 *
 * @param request UntagResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UntagResourcesResponse
 */
async function untagResourcesWithOptions(request: UntagResourcesRequest, runtime: Util.RuntimeOptions): UntagResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.all)) {
    query['All'] = request.all;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.tagKey)) {
    query['TagKey'] = request.tagKey;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UntagResources',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Removes tags from the specified bastion host and deletes the tags at a time.
 *
 * @param request UntagResourcesRequest
 * @return UntagResourcesResponse
 */
async function untagResources(request: UntagResourcesRequest): UntagResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return untagResourcesWithOptions(request, runtime);
}

model VerifyInstanceADAuthServerRequest {
  account?: string(name='Account', description='This parameter is required.', example='cn=Manager,dc=test,dc=com'),
  baseDN?: string(name='BaseDN', description='This parameter is required.', example='dc=test,dc=com'),
  domain?: string(name='Domain', description='This parameter is required.', example='domain'),
  filter?: string(name='Filter', example='(objectClass=top)'),
  instanceId?: string(name='InstanceId', description='This parameter is required.', example='bastionhost-cn-st220aw****'),
  isSSL?: string(name='IsSSL', description='This parameter is required.', example='true'),
  password?: string(name='Password', description='This parameter is required.', example='******'),
  port?: string(name='Port', description='This parameter is required.', example='389'),
  regionId?: string(name='RegionId', example='cn-hangzhou'),
  server?: string(name='Server', description='This parameter is required.', example='192.168.XX.XX'),
  standbyServer?: string(name='StandbyServer', example='192.168.XX.XX'),
}

model VerifyInstanceADAuthServerResponseBody = {
  requestId?: string(name='RequestId', example='8F1085E3-F048-5F34-B650-F145216E4AA5'),
}

model VerifyInstanceADAuthServerResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: VerifyInstanceADAuthServerResponseBody(name='body'),
}

/**
 * @summary 验证实例AD服务配置
 *
 * @param request VerifyInstanceADAuthServerRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return VerifyInstanceADAuthServerResponse
 */
async function verifyInstanceADAuthServerWithOptions(request: VerifyInstanceADAuthServerRequest, runtime: Util.RuntimeOptions): VerifyInstanceADAuthServerResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.account)) {
    query['Account'] = request.account;
  }
  if (!Util.isUnset(request.baseDN)) {
    query['BaseDN'] = request.baseDN;
  }
  if (!Util.isUnset(request.domain)) {
    query['Domain'] = request.domain;
  }
  if (!Util.isUnset(request.filter)) {
    query['Filter'] = request.filter;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.isSSL)) {
    query['IsSSL'] = request.isSSL;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.port)) {
    query['Port'] = request.port;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.server)) {
    query['Server'] = request.server;
  }
  if (!Util.isUnset(request.standbyServer)) {
    query['StandbyServer'] = request.standbyServer;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'VerifyInstanceADAuthServer',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 验证实例AD服务配置
 *
 * @param request VerifyInstanceADAuthServerRequest
 * @return VerifyInstanceADAuthServerResponse
 */
async function verifyInstanceADAuthServer(request: VerifyInstanceADAuthServerRequest): VerifyInstanceADAuthServerResponse {
  var runtime = new Util.RuntimeOptions{};
  return verifyInstanceADAuthServerWithOptions(request, runtime);
}

model VerifyInstanceLDAPAuthServerRequest {
  account?: string(name='Account', description='This parameter is required.', example='cn=Manager,dc=test,dc=com'),
  baseDN?: string(name='BaseDN', description='This parameter is required.', example='dc=test,dc=com'),
  filter?: string(name='Filter', example='(objectClass=top)'),
  instanceId?: string(name='InstanceId', description='This parameter is required.', example='bastionhost-cn-st220aw****'),
  isSSL?: string(name='IsSSL', example='true'),
  password?: string(name='Password', example='******'),
  port?: string(name='Port', description='This parameter is required.', example='389'),
  regionId?: string(name='RegionId', example='cn-hangzhou'),
  server?: string(name='Server', description='This parameter is required.', example='192.168.XX.XX'),
  standbyServer?: string(name='StandbyServer', example='192.168.XX.XX'),
}

model VerifyInstanceLDAPAuthServerResponseBody = {
  requestId?: string(name='RequestId', example='C9E97677-BD74-584B-AFCE-948C2A70BB83'),
}

model VerifyInstanceLDAPAuthServerResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: VerifyInstanceLDAPAuthServerResponseBody(name='body'),
}

/**
 * @summary 验证实例LDAP服务配置
 *
 * @param request VerifyInstanceLDAPAuthServerRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return VerifyInstanceLDAPAuthServerResponse
 */
async function verifyInstanceLDAPAuthServerWithOptions(request: VerifyInstanceLDAPAuthServerRequest, runtime: Util.RuntimeOptions): VerifyInstanceLDAPAuthServerResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.account)) {
    query['Account'] = request.account;
  }
  if (!Util.isUnset(request.baseDN)) {
    query['BaseDN'] = request.baseDN;
  }
  if (!Util.isUnset(request.filter)) {
    query['Filter'] = request.filter;
  }
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.isSSL)) {
    query['IsSSL'] = request.isSSL;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.port)) {
    query['Port'] = request.port;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  if (!Util.isUnset(request.server)) {
    query['Server'] = request.server;
  }
  if (!Util.isUnset(request.standbyServer)) {
    query['StandbyServer'] = request.standbyServer;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'VerifyInstanceLDAPAuthServer',
    version = '2019-12-09',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 验证实例LDAP服务配置
 *
 * @param request VerifyInstanceLDAPAuthServerRequest
 * @return VerifyInstanceLDAPAuthServerResponse
 */
async function verifyInstanceLDAPAuthServer(request: VerifyInstanceLDAPAuthServerRequest): VerifyInstanceLDAPAuthServerResponse {
  var runtime = new Util.RuntimeOptions{};
  return verifyInstanceLDAPAuthServerWithOptions(request, runtime);
}

